From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from localhost (localhost [127.0.0.1]) by arlo.cworth.org (Postfix) with ESMTP id 6D8BE6DE0B64 for ; Sun, 22 Mar 2020 12:23:41 -0700 (PDT) X-Virus-Scanned: Debian amavisd-new at cworth.org X-Spam-Flag: NO X-Spam-Score: -3.924 X-Spam-Level: X-Spam-Status: No, score=-3.924 tagged_above=-999 required=5 tests=[AWL=-1.624, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, UNPARSEABLE_RELAY=0.001] autolearn=disabled Received: from arlo.cworth.org ([127.0.0.1]) by localhost (arlo.cworth.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Sj3kcXWrWCeu for ; Sun, 22 Mar 2020 12:23:40 -0700 (PDT) X-Greylist: delayed 472 seconds by postgrey-1.36 at arlo; Sun, 22 Mar 2020 12:23:40 PDT Received: from free.hands.com (free.hands.com [78.129.164.123]) by arlo.cworth.org (Postfix) with ESMTP id 18B1E6DE0B36 for ; Sun, 22 Mar 2020 12:23:40 -0700 (PDT) Received: from hands.com (p5B1208EA.dip0.t-ipconnect.de [91.18.8.234]) by free.hands.com (Postfix) with ESMTPSA id 117C82A1CB for ; Sun, 22 Mar 2020 19:15:45 +0000 (GMT) Received: from phil (uid 1000) (envelope-from phil@hands.com) id 169435 by hands.com (DragonFly Mail Agent v0.11); Sun, 22 Mar 2020 20:15:44 +0100 From: Philip Hands To: notmuch@notmuchmail.org Subject: Re: Ultimate trust In-Reply-To: <87pnd4laxa.fsf@fliptop.i-did-not-set--mail-host-address--so-tickle-me> References: <87v9mxlqof.fsf@fliptop.i-did-not-set--mail-host-address--so-tickle-me> <878sjt3e9n.fsf@iki.fi> <87pnd4laxa.fsf@fliptop.i-did-not-set--mail-host-address--so-tickle-me> Date: Sun, 22 Mar 2020 20:15:35 +0100 Message-ID: <87d094ciaw.fsf@hands.com> MIME-Version: 1.0 Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha512; protocol="application/pgp-signature" X-BeenThere: notmuch@notmuchmail.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Use and development of the notmuch mail system." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 22 Mar 2020 19:23:41 -0000 --=-=-= Content-Type: text/plain Tomas Nordin writes: > Teemu Likonen writes: ... >> I do this: I press "Yes" (to trust "ultimately") but then immediately go >> edit ~/.gnupg/trustlist.txt file and put "!" mark in the beginning of >> that certificate authority's key fingerprint. It marks that key >> untrusted (because I really don't know). Then: "gpgconf --reload >> gpg-agent". > > OK, thanks. That already feels better, knowing I can revert this trust > easily like that. And some better understanding for whats going on. That seems like a UI bug to me -- I'd have thought that there should be a "No" button so that you can stop it repeatedly asking (presumably by automatically doing the same as the above manual procedure). Would anyone happen to know where that should be reported? I have a feeling that I'd want to default that to answering "No", and never see the prompt. The number of people I'm willing to declare ultimate trust in is quite limited, and even for those, I'm not going to do it via some unfamiliar bit of UI that springs up unexpectedly. This strikes me as mildly deranged, and appears to be trying to train users to do the wrong thing. Cheers, Phil. -- |)| Philip Hands [+44 (0)20 8530 9560] HANDS.COM Ltd. |-| http://www.hands.com/ http://ftp.uk.debian.org/ |(| Hugo-Klemm-Strasse 34, 21075 Hamburg, GERMANY --=-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE3/FBWs4yJ/zyBwfW0EujoAEl1cAFAl53uVcACgkQ0EujoAEl 1cBdkw//fbrWKFI8GThfOFcsxSCLHwYXRR02CoauWBD9/5zbtWuCip7sR28x9Ob6 /FRjB16841rGDHXe2oCDqtGxQKhpLshtabFrJIrx0QOVHp1WvP7UPI8FGdM4fBCf ROsn0V6lwyZTKXozcfr2Y2h5qXQKz6uqDAJmXsxPT1fJ5ygX4PydUfMVnIVL+dQK P2IXD3agtzTS4aXXB/iEUbn/FON/yu9CPCHoB+iI9LCqTNHB5mrjFmibi5K6DYFP aRJOJet2tsnvaH/eqaYuWgNLtPpgCI5AStet34mEpT70sxKBGOBvIY3J21UpbS+s 8WfT1+Pr7nk2bVdAO1ZY944i/Vvz0v8Qk23JKGBsmeGfBuPFyznKrojfELdW53Nx Abg+NoXtNQPo5yTS/IN/VAC9rJA1uDmgVWHtkDQBZC4aADe4fI6zrQGm2wrdtGUW ndRco6JNSNPDoJEqCyBnIlwo90xBRq8UFIbil+eYwWEdvQtzWkOjIAB2wDltiUXl nSxpvuMzDd2/0YDNaR6pbQFAJSmNDW9efM59IBZnvIysIiV8WPraW5cV7k0BKhhO 9tfe93Tpk+Ip0GfAG/zAyTPahTKoJEwoztKStFeK7VLYR+D7CkcERQwzeVZ1gDsS UdiEZdeSJw89gd+K063GyBDi8hN7rZMzAn4NEeA4hPyxfCWVVj8= =3a2K -----END PGP SIGNATURE----- --=-=-=--