-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 25/04/2014 18:02, Daniel Kahn Gillmor wrote: > On 04/25/2014 09:23 AM, Mark H. Wood wrote: >> What about abandoning terms of art and just saying things more >> simply: "This message was signed by key AAAAAAAA. You have >> indicated that you trust that key." > > trust that key to do what? to belong to some mystery person? to > make valid OpenPGP signatures? to send you good stock tips? to be > a reliable source of cryptographically-signed tasty noodle > casserole recipes? to be controlled in an operationally secure > fashion? to have been created on the date it claims to have been > created? > > we're all aiming for clarity and simplicity here, but using a > simple ambiguous term when we need to distinguish at least two very > specific cases from each other and from many other meanings of the > word "trust" seems like a recipe for failure (instead of noodle > casserole). > > --dkg Hi all, Nicolai: I am very glad you've started this thread. <dons flame retardant suit> At the risk of being flamed, can I suggest asking the users what they think? Nicolai, by the look of it you've carried out some user research. I guess so by the "real world" discussion you posted in a message. If you did can I ask what you focused on? Did you look for suggestions from users? I have read some HCI research into non-expert user understanding of PGP. If there wasn't user research done, can I suggest doing some? With the utmost respect to the list members, you (we) are not non-expert users, and so our opinions really don't matter. The focus of Nicolai's question is *non-expert*, so we need to get their opinions. Suggestions? Arguments? Bernard -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.22 (Darwin) Comment: GPGTools - http://gpgtools.org Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIcBAEBAgAGBQJTWp7YAAoJELXSUVrcWJJg5YgP/0OnnyWh4oG04skYeCEulrKE DOTg6vtiIU6JY32Wlg+uVQsvwVNcBBQ8xG6qGgivALKk4iF/GD1C0vonLC2tmx2m +GQq1daRV+hVF5k8njTyPFQlHjOFQvEc/QcdSfBSi4UZ0BF5BIySNRh75uptxVmd 1c9mdMLhqHjAHUIIKVh0ZUb4BhDB4TwF1GLifXq6mLdXb2ovXkFCfJHSgKHWKlHD IeNcckNANqBNPg0t3fLX+DvWPnd5mW3v5qXL5Kwb0lFpf2RSDwz2unioqB9yt0bC eIUKcMxZcaSl/UWglIqziv/I7WODC41RKf5hBf2MchPD+6ja+ClwU1vxd0FzbBst drOCx9R18vB814s/DIlCeyEZLyuJTwoFOph6SKHCR1ZQ1esELAwwQuFqQ+yNFCv3 qsmws6wCAG3I/GcGhvaYudVM06mtzodwQZge2QPSz31/rGsQ4n9hb7uJLZlHeEGM zIG0doQSmCj8XSMroitrD9GhVonBj0X9tuvxHfk/CQd8dmqsgiGgb1DvayL5u3pM bfcqx4FFv7J2CHuwnCXys9Z+mVCJJyMCh9XI6CtUtdWKAQNS4zZjuv82lCWLceh0 ISda562n5U6iFpi0US3hT8pB+iecadgMefux2MwiAaUhClTlVIaA1qJteMtrht7B 6WPLQXZriPGr/SzUdadY =SHCp -----END PGP SIGNATURE----- _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
