Houston, we have a problem
Robert J. Hansen
rjh at sixdemonbag.org
Tue Sep 26 17:37:53 CEST 2017

> But user-facing software shouldn't be exposing unverified IDs *at all*.
> Enigmail now sort-of does this...

As the guy who was largely pushing that on Enigmail ... although I
strongly sympathize, there's a rock here and a hard place there.

UX is not driven by the users we *might* have: it's driven by the users
we *do* have. The users we do have *do not want to switch*. I think
that after investing so much in learning the current system, users tend
to develop powerful opinions the UX should just be left alone please
don't fix a thing.

Imagine you have this certificate:

+ Kate 0xDECAFBAD
+-- Kathryn Carver 0xDECAFBAD

(That is to say, a primary userID of Kate, and one other UID using her
full name.)

Now throw that into a whole bunch of other certificates and render them
in a GUI toolkit. All rows are collapsed by default. Now ask a user to
find the certificate associated with Kathryn Carver.

90% of users will click on the "Name" column header to sort by name,
will survey the Ks, and then say "she's not in the system." (And yes, I
found this in a usability study I did in '07 with Tristan Thiede and
Juan-Pablo Hourcade.)

Clearly there's a problem here. Obviously the way we present
certificates to users is broken and wrong. But God help you if you
change the way you present certificates: some people will complain
loudly and the vast majority of users just won't consider switching.

Change is hard, and I have no good answer for that.