[rfc][icedtea-web] Enhanced signed app's messages
Andrew Azores
aazores at redhat.com
Fri Dec 6 07:10:49 PST 2013
On 12/05/2013 04:26 AM, Jiri Vanek wrote:
> On 12/04/2013 07:56 PM, Andrew Azores wrote:
>> On 12/04/2013 01:34 PM, Jacob Wisor wrote:
>>> Hello!
>>>
>>> Jiri Vanek wrote:
>>> > As Andy suggested, What about this messages?
>>> > If it will pass, I would like to push it to 1.4 too.
>>>
>>> > +SSigUnverified=The application's digital signature cannot be
>>> verified. Do you
>>> > want to run the application, and so grant to this application
>>> unrestricted
>>> > access to your computer?
>>> > +SSigVerified=The application's digital signature has been
>>> verified. Do you
>>> > want to run the application, and so grant to this application
>>> unrestricted
>>> > access to your computer?
>>> > +SSignatureError=The application's digital signature has an error.
>>> Do you want
>>> > to run the application, and so grant to this application
>>> unrestricted access
>>> > to your computer?
>>>
>>> Hmm, "unrestricted access" sounds scary
>
> considering the original email of Andy, it is exactly what it should
> sounds like.
> Considering the user *do* read, it can more easily understand
> "unrestricted access" then "application is fully signed". If we wont
> to add "run in sandbox" button soon, or list individual requested
> permissions, then I still believe this message is a step in right
> direction.
>
> I was trying to transform the message a bit, but all I got was less
> clear, too long, or more wrong.
>
> So I still would like to push this messages, unless some better
> versions appear.
I'll suggest this alternate wording for your consideration:
"The application's digital signature cannot be verified. Do you want to
run the application? It will be granted unrestricted access to your
computer."
Thanks,
--
Andrew A
More information about the distro-pkg-dev
mailing list