Add disclaimer to HTML template educating users that SKS does not validate any information

#59 Open
Repository
micahflee
Branch
default
Repository
skskeyserver
Branch
default

Bitbucket cannot automatically merge this request.

The commits that make up this pull request have been removed.

Bitbucket cannot automatically merge this request due to conflicts.

Review the conflicts on the Overview tab. You can then either decline the request or merge it manually on your local system using the following commands:

hg update default
hg pull -r default https://bitbucket.org/micahflee/sks-keyserver
hg merge bdffbac3ce25
hg commit -m 'Merged in micahflee/sks-keyserver (pull request #59)'
Author
  1. Micah Lee
Reviewers
Description

This adds two sentences inside of a div to the top of the HTML template used in the web interface that says:

Information displayed on this website, including public keys and anything associated with them, might not be valid. Inspect public keys using OpenPGP software to see valid information.

This way, users might not get confused about the information they see in SKS’s web interface and are less likely to make bad security decisions as a result.

Fixes #41.

Comments (10)

  1. Kristian Fiskerstrand

    Although I’m not principally agianst such a disclaimer, it is attacking the question on a wrong level; if accessing an untrusted resource and relying on the disclaimer on it you’re doing something wrong to begin with, so the ultimate issue is education of the user base. If such a disclaimer can increase awareness it is good, but I’m still arguing that users shoudl use keyservers from clients and not directly.

  2. Kristian Fiskerstrand

    That said, if we are to include something like this, it should use “public keyblock” as it isn’t strictly cryptographic material, and “might not be valid.” should clearly state “is not cryptographically verified”. That misses the issue of depending on a third party to verify to begin with, so might try to find a phrase that encourages behavior to always verify yourself.

  3. Micah Lee author

    I agree relying on a disclaimer isn’t perfect, but since SKS provides a user interface, that interface is the perfect place to start educating.

    What do you think about this wording instead?

    Information displayed on this website, including public keyblocks and anything associated with them, is not cryptographically verified. Always inspect public keyblocks using OpenPGP software to see verified information.

    1. Kristian Fiskerstrand

      that language seems much better to me, maybe also add “don’t trust third party verification, but verify public keyblocks using OpenPGP software on secured devices to see…” ?

  4. Micah Lee author

    I also wonder if it makes sense to include something that conveys that anyone can add any information. A lot of new users seem to believe that if they search a key server for someone’s email address and find a public key, that person must have created that key.

    1. Kristian Fiskerstrand

      That is really implicit in the verification statement, but it can’t hurt to to be more verbose if first adding something like this

  5. Micah Lee author

    How about this? Instead of saying “don’t trust third party verification” I say “Always inspect public keyblocks using OpenPGP software on a secured device that you control” just because I think many people won’t know what third-party verification means.

    Information displayed on this website, including public keyblocks and anything associated with them, is not cryptographically verified. Always inspect public keyblocks using OpenPGP software on a secured device that you control to see verified information.

  6. Micah Lee author

    Excellent. I just pushed another commit that changes the wording. Here’s a new screenshot: