Closed Bug 241986 Opened 20 years ago Closed 14 years ago

Signed and Encrypted messages not prominantly displayed.

Categories

(Thunderbird :: Mail Window Front End, enhancement)

Product:
Thunderbird
Component:
Mail Window Front End
Platform:
x86
Windows XP
Type:
enhancement
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED DUPLICATE of bug 291145

People

(Reporter: anopres, Unassigned)

Details

User-Agent:       Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.6) Gecko/20040206 Firefox/0.8
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.6) Gecko/20040206 Firefox/0.8

I think that messages that are properly signed and/or encrypted should have that
fact visually apparent. Right now, you only see the icon if the full message
headers are displayed.  It would be even better if the unsigned and unencrypted
messages were made to look as if there was something wrong with them (broken
lock, broken pen, etc.) to encourage the use of digital signatures.

I also think there should be a way to filter messages based on their
signature/encrypted statuses.

Reproducible: Always
Steps to Reproduce:
1.
2.
3.
I think there should be a more prominent indication of invalid/valid signatures
and/or encryption. The small pen icon is easy to miss, especially since the
valid signature and invalid signature icons look pretty similiar.

It would be better if there was a larger, light red box above the message (like
evolution does, if I'm not mistaken) - similiar to the yellow border that
Firefox adds when it blocks a popup. It should be at least two lines long to
catch attention and inform the user of the invalid certificate, maybe including
a link to examine the situation.

Example: "This message is signed by a sender who claims to be XXX on the
authority of CAXXX, which you do not trust for this kind of identification.
_Click here_ to examine the situation more closely." (The _Click here_ link
would lead the user to the "view certificate" screen).

While the invalid certificate warning is most important, it would not be bad if
there also was one for valid certificates and encryption. A light green box for
signatures could display "This message was signed by XXX, whose identity was
confirmed by CAXXX." And a yellow information box simply saying "This message
arrived encrypted."

If I remember correctly, MS Outlook does something similiar, but it seems to be
 badly and confusingly done there, at least for Users who are not very
proficient about encryption.

If anyone wants a mock-up, I can fix up a screenshot to show an example.
QA Contact: front-end
Assignee: mscott → nobody
Status: UNCONFIRMED → RESOLVED
Closed: 14 years ago
Resolution: --- → DUPLICATE
You need to log in before you can comment on or make changes to this bug.