[ESD-translators] Misleading "invalid keys" section?

esd-translators

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[ESD-translators] Misleading "invalid keys" section?

From:	Tobias Bengfort
Subject:	[ESD-translators] Misleading "invalid keys" section?
Date:	Fri, 17 Feb 2017 15:10:22 +0100
User-agent:	Mozilla-Thunderbird 2.0.0.24 (X11/20100329)

Hi,

I have a question that is not directly related to translation, but
rather to content. I am sorry if this is the wrong place to raise the issue.

I recently stumbled upon a bug report[1] in a thunderbird plugin that
quoted the "be wary of invalid keys" section from emailselfdefence.

Maybe I am missing something, but I find that section misleading. It
seems to mix up encryption and signing:

> make a habit of glancing at that bar. The program will warn you there
> if you get an email encrypted with a key that can't be trusted.

You should not trust the authenticity of an email if it was *signed*
with an untrusted key. This is also what is displayed in that bar.

On the other hand, *encrypting* a mail with an untrusted key is
dangerous, but there is *no bar* indicating this. Instead, there is the
"To send encrypted, accept only trusted keys" setting in Enigmail.

tobias

[1]: https://github.com/protz/thunderbird-conversations/issues/1120

[Prev in Thread]

Current Thread

[Next in Thread]

[ESD-translators] Misleading "invalid keys" section?, Tobias Bengfort <=
- Re: [ESD-translators] Misleading "invalid keys" section?, Ineiev, 2017/02/17

Prev by Date: Re: [ESD-translators] Albanian sq.po updated to v4
Next by Date: Re: [ESD-translators] Misleading "invalid keys" section?
Previous by thread: Re: [ESD-translators] Albanian sq.po updated to v4
Next by thread: Re: [ESD-translators] Misleading "invalid keys" section?
Index(es):
- Date
- Thread