Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Using the .asc extension for public key attachments is poor UX for the receiver #1141

Closed
fawkesley opened this issue Dec 4, 2014 · 4 comments
Closed

Using the .asc extension for public key attachments is poor UX for the receiver #1141

fawkesley opened this issue Dec 4, 2014 · 4 comments
Labels
Front End
Milestone
1.2 Release

Comments

@fawkesley
Copy link
Contributor

I was showing @zarino Mailpile and doing a GPG primer. I sent him an email from Mailpile and selected "attach my public key".

On receiving the email, Mail.app (v5.3) on his Mac (OS 10.7.5) didn't know how to open the .asc file.

QuickLooking the file doesn't work and double-clicking it prompts for an application to open the file with. He said that if anything it looks like a virus.

Furthermore there's no way of telling what to do with the file. A comment with a link to instructions or something would be a start.

Going further, we suggest (inspired by @frabcus) a custom email signature along the lines of "This email is being spied on. Upgrade to use PGP security. Find out how."

:P 👍
@bnvk bnvk added the Front End label Dec 4, 2014
@bnvk bnvk added this to the 1.0 Release milestone Dec 4, 2014
@bnvk
Copy link
Contributor

bnvk commented Dec 4, 2014

@paulfurley thanks for the thoughts. If @zarino had GPG Tools installed, the file would be clickable. But yah, that's yucky UX. Sadly, operating systems are not smart enough to suggest what software is needed for various filetypes it doesn't currently have software for.

I like the idea of adding a text line to the signature that try's to help if a key is being attached, as it would definitely help to some degree. Relates to #912

@frabcus
Copy link

frabcus commented Dec 4, 2014

The wording of the signature - and in HTML mode what it looks like! - is really important.

"Warning: Anyone may have intercepted and read this email. To upgrade to secure, encrypted email, install Mailpile here. Mailpile is made by a not for profit foundation."

Definitely worth getting good wordsmiths and designers. Much as hotmail originally spread at crazy speed from an advert in signatures (back in 1996!)... I think that Mailpile could too.

Also, ideally this wouldn't be optional - all emails would be signed, with an attached public key, and a signature advert :)

@BjarniRunar
Copy link
Member

It's worth experimenting with whether we can just send the signature as a .txt file, and put some human readable explanations at the top of it.

Regarding the signatures, especially mandatory signature cruft, I think that's going to prove very unpopular with a large number of users. Requests for the ability to disable (or change) the current default signature were among the first requests we got after the beta, so this assertion is based on real data, not a gut feeling or personal preference. :-)

I'd rather put the explanations in the signature file itself, if possible, where they're out of the way until the user starts looking for them.

@BjarniRunar BjarniRunar modified the milestones: 1.0 Release, 1.1 Release Aug 4, 2015
@BjarniRunar
Copy link
Member

This has been validated, reiterated and expanded upon in #1693. Closing this as a dup, moving the conversation there.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Front End
Projects
None yet
Milestone
1.2 Release
Development

No branches or pull requests
4 participants
@frabcus @bnvk @fawkesley @BjarniRunar