78

I believe that i can differentiate between encryption, signature and ciphers very well, and usage of encryption in mentioned context is more often than not binded closely with usage of private and public keys.

Step by step process of learning this things should be left to user and his sources of informing him self, and not forced upon him. It is not a weapon he is using..

Process of using the encryption it self should not require:
- the user to 'completely' understand how it works
- or how to set it up to work with Kmail

Use cases of encryption are much more common than you think, especially for students and professors. Should for example law student be forced to learn methods of encryption and digital signatures + how to set it up in Kmail, to be able to have secure means of communication with his professor?

I tried really hard to understand "..consenting to secure in the real world and in your mind the use of these means"

Bad english or would you think that using encryption inside Kmail posses some security threat to you or someone else, in any way imaginable?

Anyway thank you for elaborating your views.

Yeah, i am a law student, Yeah, i attended a mandatory course of IT & law. yes, the course was about digital signature and encryption. yes, the prof. wasn't a genious of it...

italian legislation and anyone involved in the developing of software and standards on cryptography argue on the necessity to expose the underlying tech

i don't ask you to manually encapsulate your messages in some xml signature, or to know functions of the cipher algorithm. Simply, to me it is unneeded a semplification af the signing and enrcypting of a text. If it came, i will use gpg and the other stuff to control that all go on as *i* expect.

Last, don't know of your country, here official governmental programs to do crypt things don't match very well with linux, and you have to work veryvery hard if you want to use binding legal effects that them provide if all the procedure it's hard coded in kmail (= concrete argument).

You don't need to attend IT course to want to use encryption in mail. With todays popular internet providers, is is almost impossible to have any kind of privacy...
But why am i arguing about the need to use encryption. Even if there were only one kind of people that use encryption in mails, and if they are inside KDE users scope, than it should not be difficult to do. If anyone, than KDE users are emancipated enough with IT to want/need to use encryption sometimes.

The most important thing:
"Simply, to me it is unneeded a semplification af the signing and enrcypting of a text"

You point out that it is unneeded to you, but i ask:
What do you have to lose if it were simpler to encrypt mail.

It is easy for me to write "sudo apt-get install something",or compile it from source, but if someone were to ask that it should be made simpler to install program possibly with GUI, why would i object. Do i loose something?

If you don't think it is complicated, good for you.
If you think that it is unneeded simplification because no one uses it, then why do the: Mozilla Thunderbird and Microsoft Outlook, to name a two, make it easy to do so.

because it is cute and cool. as many other useless things

If that is all you have to say, then it seems to me that you are unable to see the point that I am trying to make.

After all that was said, lets respectively agree to totally disagree, and end this discussion.

Don't feed the troll.

I believe we need to polish the encryption/decryption possibilities for KMail.

The good privacy should be mandatory on Emails. We need to have easy way to allow users to generate the PGP keys and store them safe way (privat key) and share them easily (public key). This actually is not just problem of KMail, but KDE SC as well, we need to offer a user way to generate the PGP key for use in all KDE Apps. To encrypting/signing files, emails, Instant messages, photos, videos etc.

Kleopatra is nice app and we need to have so easy way to allow normal user secure their files, emails and IM's with PGP.

On most countries, there is law about letters and other privat things, that no one else can open and read them.
But email is electronic, we send them to other countries, we use services in other countries to store them etc. There is a big cyber intelligence ring by most biggest countries in the world, they do not need to follow even their own laws when it comes to terrorism etc.

They just grep all the data what they can have hands on. And saying "I dont have anything to hide" is very stupid.

We should take the starting point from secure way to talk. That is mandatory for democracy etc.
We can not just leave this kind things somewhere halfway because normal people do not know how to take it in use. It is not good defense just say "well, there is lots of infos on web how to encrypt your emails". Normal user does not even know that they can encrypt their emails or that the emails travels usually open to everyone.

Example of one biggest problems in scandinavia is Sweden, what just started to grep ALL data what goes trhough their country. And in Stockholm, there is one of the european Internet-chain connection and they get EVERYTHING what just pass trought servers what are located on their country.

Big companies, ISP's etc. Have moved their servers away from Sweden. If they have offices there, they encrypt all data what is sended. It is especially now needed if was not done earlier.
There is big plans to even lay even own cables under the sea to pass Sweden and Brittain.

We can not just take the start "Oh, those who need it should find out how to do it". We all need it, we all have always something to hide, if not for ourselfs sake, then at least for others sake.

There is saying:
---------
First they came for the communists, and I did not speak out???because I was not a communist;

Then they came for the trade unionists, and I did not speak out???because I was not a trade unionist;

Then they came for the Jews, and I did not speak out???because I was not a Jew;

Then they came for me???and there was no one left to speak out.
----------

I would love to see that users could very easily, by intuitive way, without reading any docs, generate PGP (etc) keys and start using them. Example when we add a new user to system, we would generate PGP for it and assign it automatically being used.

Then those who do not want to have anykind security, for sake of others. They could disable the privacy mode if they really want to do so.

Sometimes it just feels that there is big forces by governments and companies that people would not encrypt their data and discussions. Just by first starting to say "If you have something to hide, then you must be a criminal or even terrorist".

Have you ever explored whether it's possible to do entirely through kgpg? I haven't, myself, but it can help you create key pairs, export them, and so on, so it might be possible to do the whole thing.

Marked as submitted: https://bugs.kde.org/show_bug.cgi?id=101169