Outlook Ui for Automated / Easy Encryption
Outlook Ui for Automated / Easy Encryption
- New "Summary" Messages
- Reading a Message
- Level 0
- Level 1
- Level 2
- Level 3
- Level 4
This page contains screenshots and descriptions of the user interface provided by GpgOL in Outlook. Especially as they relate to the Automated Encryption Concept.
- Source trust
New "Summary" Messages
The screenshots in this Page are not up to date anymore as we made two changes but aheinecke did not yet update all screenshots. The summary string and the Icon for level 2 has changed. The current summaries and levels are:
Rationale for this was that the circle Icon did not have a clear meaning when shown to users and that trying to distinguish of our levels through words like "Highly, Basic" Or Trusted vs. Confirmed was more confusing then just saying level. As "Security Level 2" should also be understandable.
In General the Ui is very limited, we extend the buttons at the top bar (called ribbon) with another button. The position of the button default to be rightmost but is movable through configuration as any other button.
The little icon in the corner of the GpgOL group opens the options dialog of GpgOL.
Every action has a tooltip that is shown if the user hovers over the action. A tooltip consists of a heading and a more verbose description below. This format is defined by Outlook and there is no markup possible in the tips.
Composing a Message
When sending this button offers to "Secure" a mail. That button is a split button that offers more advanced "Sign and Encrypt" as subbuttons. All the buttons can be toggled to reflect the state. Secure is only toggled if both sign and encrypt are toggled.
The Icon is a bit ugly but it's our GpgOL brand icon with an added "Red Ribbon" as Microsoft uses. The red ribbon as "Signed" indicator.
Secure not toggled
Message will be neither signed nor encrypted. Tooltip shown bceause the (invisible) mouse hovers over it.
Message will be signed and encrypted.
The "Split button"
Comparison: Integrated Outlook S/MIME Buttons
The Group is called "Permission"
Reading a Message
Similarly if we read a message we also have one single button. This button showns the "Crypto Status" of the Mail that is currently read.
The concept is that signature status is shown through an emblem, while crypto status is shown as a lock. The combined status is shown as an overlay of the emblem over the lock.
A short "summary" is available through the tooltip, which is basically meant as a "Show Details". If you click on the button kleopatra's full blown "Certificate Details" dialog will show.
Additionally we have Categeories that are shown as blue / green bar, the blue bar is shown for encrypted messages and the green bar for signed messages that have verified to at least level 2.
With the idea not to treat better then any signed mails we have to make it clear that unsigned mails are just what they are. Insecure.
A click on the button opens: https://emailselfdefense.fsf.org/infographic this should help educating slighly interested users. The Page is not an ideal landing page as it offers a full guide that is currently unrelated to gpgol, but the graphic is useful to educate about Mail encryption.
Signed but no Key
XXX: It is questionable if we should offer search here, we search by fingerprint but using auto-key-retrieve would be better. In that case we only need to offer to import a key from file.
Signed but untrusted key (Web of Trust)
Encrypted / Signed with Tofu Confict
Some problem, or revoked or something
Any Problem like an invalid signature, a revoked key / signature etc. will also be handled on this level and explained in the tooltip.
At level 1 we would use the key for opportunistic encryption but don't show it as green just yet. Rationale for this is explained on the Automated Mail Encryption page.
Little TOFU history
From this level on we show the "Trusted Sender Address" category.
For each state, two screenshots, one with Encrypted & Signed one with Signed only.
TOFU Basic History
Not yet implemented suggested wording:
The senders address is confirmed because the key for this sender was obtained from 'example.com'.
Level 3 will never be seen by the fully automated user. Here we start making claims about identity and not just the senders address.
The check mark is shown to indicate that some actual checking was done.
Direct trust or your own keys.