On Saturday, 30 September 2017 00:08:32 CDT stakanov wrote:
He did an "P.S. S/MIME testing" (as he quoted at the end of message) When an S/MIME message arrives, you may or may not want to trust the issuing authority (which is one of the weaknesses of s/mime vs gpg, you need to trust an authority. But then, it is a very well known way to encrypt in business. In this case it was commodo. Do you use kleopatra? It may be the programm that issued the demand. And no, I do not think it is something strange, the average user should be able to understand the value of such a question. Maybe a better definition of which programm opens this would be better.
I've got Kgpg running (maybe I should change that), but I thought it was Kmail that issued the request. That's one of the problems--the issuing program and the reason for the request isn't identified--and I feel uncomfortable extending trust without knowing the party and dotting all the i's. I'm just carrying that lack of trust forward to certificate authorities. I should say I don't have knowlege of gpg usage reduced to muscle memory, I just use it once in a while. There is another, more common circumstance where Kmail (If it's Kmail) makes ambiguous requests for trust, when it tries to make a secure connection through a captive portal with a certificate. There, the answer is clearly no. But what is the average user to do? Just trust any party to come along without a clue what is going on, in an attempt to make things work? I think the dialog should at least identify who is making the request. It could be Kmail, or it could be Firefox, or it could be NetworkManager.... -- Tom Hardy <rhardy702@gmail.com> -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org