Ultimate trust

Tomas Nordin tomasn at posteo.net
Sun Mar 22 15:21:36 PDT 2020


Philip Hands <phil at hands.com> writes:

> Tomas Nordin <tomasn at posteo.net> writes:
>
>> Teemu Likonen <tlikonen at iki.fi> writes:
> ...
>>> I do this: I press "Yes" (to trust "ultimately") but then immediately go
>>> edit ~/.gnupg/trustlist.txt file and put "!" mark in the beginning of
>>> that certificate authority's key fingerprint. It marks that key
>>> untrusted (because I really don't know). Then: "gpgconf --reload
>>> gpg-agent".
>>
>> OK, thanks. That already feels better, knowing I can revert this trust
>> easily like that. And some better understanding for what's going on.
>
> That seems like a UI bug to me -- I'd have thought that there should be
> a "No" button so that you can stop it repeatedly asking (presumably by
> automatically doing the same as the above manual procedure).

I agree there should be a "No" button doing the same thing as this
manual procedure. Especially if the performance penalty is removed that
way (like when answering yes), which I didn't test yet. (Before
answering yes in the cases I refer to there was a significant hang in
Emacs before the prompt showed up.)

>
> Would anyone happen to know where that should be reported?
>
> I have a feeling that I'd want to default that to answering "No", and
> never see the prompt.
>
> The number of people I'm willing to declare ultimate trust in is quite
> limited, and even for those, I'm not going to do it via some unfamiliar
> bit of UI that springs up unexpectedly.  This strikes me as mildly
> deranged, and appears to be trying to train users to do the wrong thing.

From Teemu's explanation I understood the trust is not really about the
sender but the "authority" which is certifying the sender's key
(GlobalSign in this case). And in my example the message is from some
organisation connected to my work where I am guessing it is the IT
department who has decided to set this up.

While I am asked a question I cannot possibly answer, I think it is
better to ask (making clear something is going on) than just do
something without my knowledge, which I think is common with mainstream
mail agents. But it would be better, as you say, to be able to say "No"
and also be given a hint about the file where this is recorded.

PS: Besides that record in the trustlist.txt file I still don't
    understand what the possible side effect is. Other than removal of
    the delay.

--
Tomas
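The manual step Teemu describes above (prefixing a CA fingerprint in trustlist.txt with "!" so gpg-agent treats it as not trusted, then reloading the agent) as a small POSIX shell helper. This is an added example, not code from this thread or from GnuPG. It assumes the documented trustlist.txt layout (one fingerprint per line followed by flags such as S, "#" for comments, a leading "!" meaning explicitly untrusted); the function names, the file path argument and the sample fingerprints are constructed for illustration, so it can be exercised on a temporary copy without touching ~/.gnupg.

```shell
#!/bin/sh
# Added example (not from the thread or from GnuPG): mark a certificate
# authority's fingerprint as explicitly untrusted in a gpg-agent
# trustlist.txt. Assumed format: "<fingerprint> <flags>", "#" comments,
# and a leading "!" on the fingerprint meaning "not trusted".

# normalize_fpr FPR -> uppercase hex with spaces and colons removed
normalize_fpr() {
    printf '%s' "$1" | tr -d ' :' | tr 'a-f' 'A-F'
}

# trust_state FILE FPR -> prints "trusted", "untrusted" or "absent"
trust_state() {
    awk -v want="$(normalize_fpr "$2")" '
        /^[[:space:]]*#/ || /^[[:space:]]*$/ { next }
        {
            key = $1
            flag = sub(/^!/, "", key)      # 1 if the line carries "!"
            gsub(/:/, "", key); key = toupper(key)
            if (key == want) {
                print (flag ? "untrusted" : "trusted"); found = 1; exit
            }
        }
        END { if (!found) print "absent" }' "$1"
}

# distrust_fingerprint FILE FPR
# Prefixes the matching fingerprint line with "!" (idempotent). Prints
# "marked" when a line was changed, "already" when it was already
# untrusted, "absent" (status 1) when the fingerprint is not listed.
distrust_fingerprint() {
    file=$1
    fpr=$(normalize_fpr "$2")
    case $(trust_state "$file" "$fpr") in
        untrusted) echo already; return 0 ;;
        absent)    echo absent;  return 1 ;;
    esac
    tmp=$(mktemp)
    awk -v want="$fpr" '
        /^[[:space:]]*#/ || /^[[:space:]]*$/ { print; next }
        {
            key = $1; gsub(/:/, "", key); key = toupper(key)
            # Insert "!" after any leading whitespace, keeping the rest intact.
            if (key == want) sub(/^[[:space:]]*/, "&!")
            print
        }' "$file" > "$tmp"
    cat "$tmp" > "$file"     # overwrite in place, keeping file permissions
    rm -f "$tmp"
    echo marked
}

# Constructed sample trustlist; the fingerprints are placeholders, not real CAs.
make_sample_trustlist() {
    f=$(mktemp)
    cat > "$f" <<'EOF'
# constructed sample trustlist.txt
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA S
BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB S relax
EOF
    echo "$f"
}

# Stand-alone demonstration on a temporary file:
#   sh trustlist_demo.sh demo
# Against the real file the thread's procedure would then be:
#   distrust_fingerprint ~/.gnupg/trustlist.txt <FPR> && gpgconf --reload gpg-agent
if [ "${1:-}" = "demo" ]; then
    f=$(make_sample_trustlist)
    distrust_fingerprint "$f" "AAAA AAAA AAAA AAAA AAAA AAAA AAAA AAAA AAAA AAAA"
    trust_state "$f" AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
    cat "$f"
    rm -f "$f"
fi
```

The comparison normalises both the argument and each line's fingerprint (case, spaces, colons), so the same fingerprint pasted from a certificate viewer matches the entry gpg-agent wrote; the reload is deliberately left outside the function so the edit can be checked before the agent picks it up.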

