[Gpg4win-devel] How to best explain what Gpg(OL)4win does
Ángel
angel at pgp.16bits.net
Thu May 9 22:45:59 CEST 2019
Hello
I agree with Andrej that it should be a dialog, even before reading his
reply. I don't think that flier really solves the doubts that a naive
user could have.
As a rough draft:
+---------------------------------------------------------------------+
| ⌧ |
+---------------------------------------------------------------------+
| This email claims to come from jdoe at example.com but there is no |
| certainty that it was was sent by that user: |
| ✗ Message was not signed with any PGP key |
| |
| Email messages can be easily spoofed to appear to come from someone |
| else. It is recommended not to rely on mails which are not signed |
| by a trusted PGP key. |
| |
| More info |
+---------------------------------------------------------------------+
Note: I am placing the actual email address on purpose, expecting it to
show the email address listed on the From: header, not any misleading
contents of the Real Name part.
The text should obviously change if it was signed by a PGP key not in
the keyring or not trusted.
I would also recommend the more information page to be a page about this
specific question, rather than a general infographic about PGP.
Kind regards
More information about the Gpg4win-devel
mailing list