[jitsi-dev] Re: [jitsi~svn:9503] Adds new improved security interface.


#1

Hey Yana

Just tried a call to take a look at the new panel, looks pretty cool! :slight_smile:

But I noticed a few issues, maybe you're already aware of them, but anyway:
- The video encryption indication is wrong, at least for ZRTP
- On the initiating side of the call, I couldn't open (or close) the flyout-panel once video was enabled (not immediately, but after maybe half a minute)
- The overall encryption information is wrong for SDES: The encryption is in place, yet it's shown as insecure

The technical call details window shows the correct information for both SDES and ZRTP.

And from a usability perspective, it would be handy if the flyout-panel could be closed by a click anywhere in the call window (or at least have a "close" button). It took me a few clicks to realize that I have to click on the red/orange/green part again.

Regards,
Ingo

路路路

Subject: [jitsi~svn:9503] Adds new improved security interface.

Project: jitsi
Repository: svn
Revision: 9503
Author: yanas
Date: 2012-04-04 12:13:03 UTC


#2

Hi Ingo,

Thanks for the quick feedback!

(more inline)

Hey Yana

Just tried a call to take a look at the new panel, looks pretty cool! :slight_smile:

But I noticed a few issues, maybe you're already aware of them, but anyway:
- The video encryption indication is wrong, at least for ZRTP
- On the initiating side of the call, I couldn't open (or close) the flyout-panel once video was enabled (not immediately, but after maybe half a minute)
- The overall encryption information is wrong for SDES: The encryption is in place, yet it's shown as insecure

I'll have a look and will come back to you.

The technical call details window shows the correct information for both SDES and ZRTP.

And from a usability perspective, it would be handy if the flyout-panel could be closed by a click anywhere in the call window (or at least have a "close" button). It took me a few clicks to realize that I have to click on the red/orange/green part again.

Actually there is a "close" button, strange that you don't see it. I'll have a look.

Cheers,
Yana

路路路

On Apr 4, 2012, at 4:45 PM, Ingo Bauersachs wrote:

Regards,
Ingo

Subject: [jitsi~svn:9503] Adds new improved security interface.

Project: jitsi
Repository: svn
Revision: 9503
Author: yanas
Date: 2012-04-04 12:13:03 UTC


#3

Hi Yana, all,

that's a great enhancement a gives a much better feedback for the user.

One comment though:

- the SAS panel has a fixed size and this foces the info button (and another button
聽聽that I dared to add :slight_smile: ) to float if the label test is longer than the english
聽聽text. See attached screenschots "jitsi_zidName16" and "jitsi_zidName17"

To implement the ZID name feature (RFC 6189bis, chapter 12) I added some code to
ZrtpSecurityPanel and ZrtpControl* classes. The main part is in the panel.

As indicated in the comment I added a button to enable the user to start a dialog
to enter a name for the ZID. This button works only if the user compared and confirmed
the SAS.

If the user clicks the button the dialog window pops up. If no name was set then the
input filed is preset with the peer display name. The use may now modifiy this or leave
the preset value and confirm with OK. If the user cancels the dialog the ZID name remains
empty.

The layout show in the screenshots, in particular in the SAS panel, is just a proposal
and should be adapted by our UI grand master :wink:

Another slight modification (also shown in the screenshots): I added blanks between the
SAS characters to really separate them. Depending on the font (proportional fonts) a
combination of the charaters "ri" could be read as "n" for example. We solve this
problem by inserting blanks

What do you think?

Best regards,
Werner

路路路

Am 04.04.2012 16:45, schrieb Ingo Bauersachs:

Hey Yana

Just tried a call to take a look at the new panel, looks pretty cool! :slight_smile:

But I noticed a few issues, maybe you're already aware of them, but anyway:
- The video encryption indication is wrong, at least for ZRTP
- On the initiating side of the call, I couldn't open (or close) the flyout-panel once video was enabled (not immediately, but after maybe half a minute)
- The overall encryption information is wrong for SDES: The encryption is in place, yet it's shown as insecure

The technical call details window shows the correct information for both SDES and ZRTP.

And from a usability perspective, it would be handy if the flyout-panel could be closed by a click anywhere in the call window (or at least have a "close" button). It took me a few clicks to realize that I have to click on the red/orange/green part again.

Regards,
Ingo

Subject: [jitsi~svn:9503] Adds new improved security interface.

Project: jitsi
Repository: svn
Revision: 9503
Author: yanas
Date: 2012-04-04 12:13:03 UTC


#4

Hi Ingo,

Hey Yana

Just tried a call to take a look at the new panel, looks pretty cool! :slight_smile:

But I noticed a few issues, maybe you're already aware of them, but anyway:
- The video encryption indication is wrong, at least for ZRTP
- On the initiating side of the call, I couldn't open (or close) the flyout-panel once video was enabled (not immediately, but after maybe half a minute)
- The overall encryption information is wrong for SDES: The encryption is in place, yet it's shown as insecure

I've worked on all three problems and committed some fixes. Could you please try with the last build and see if they're fixed for you?

The technical call details window shows the correct information for both SDES and ZRTP.

And from a usability perspective, it would be handy if the flyout-panel could be closed by a click anywhere in the call window (or at least have a "close" button). It took me a few clicks to realize that I have to click on the red/orange/green part again.

Do you have the close button now or still nothing appears on your side?

Cheers,
Yana

路路路

On Apr 4, 2012, at 5:45 PM, Ingo Bauersachs wrote:

Regards,
Ingo

Subject: [jitsi~svn:9503] Adds new improved security interface.

Project: jitsi
Repository: svn
Revision: 9503
Author: yanas
Date: 2012-04-04 12:13:03 UTC


#5

Hey Werner

Without reading anything related to ZRTP, what is the purpose of that ZID name? I don't get it from the screenshots and your mail...

Regards,
Ingo

路路路

-----Original Message-----
From: Werner Dittmann [mailto:Werner.Dittmann@t-online.de]
Sent: Donnerstag, 5. April 2012 09:41
To: dev@jitsi.java.net
Subject: [jitsi-dev] Re: [jitsi~svn:9503] Adds new improved security
interface.
Hi Yana, all,

that's a great enhancement a gives a much better feedback for the user.

One comment though:

- the SAS panel has a fixed size and this foces the info button (and another
button
聽聽that I dared to add :slight_smile: ) to float if the label test is longer than
聽聽the english text. See attached screenschots "jitsi_zidName16" and
聽聽"jitsi_zidName17"
To implement the ZID name feature (RFC 6189bis, chapter 12) I added some
code to ZrtpSecurityPanel and ZrtpControl* classes. The main part is in
the panel.

As indicated in the comment I added a button to enable the user to start
a dialog to enter a name for the ZID. This button works only if the
user compared and confirmed the SAS.

If the user clicks the button the dialog window pops up. If no name was set
then the
input filed is preset with the peer display name. The use may now modifiy
this or leave
the preset value and confirm with OK. If the user cancels the dialog the ZID
name remains
empty.

The layout show in the screenshots, in particular in the SAS panel, is
just a proposal and should be adapted by our UI grand master :wink:

Another slight modification (also shown in the screenshots): I added
blanks between the SAS characters to really separate them. Depending on
the font (proportional fonts) a combination of the charaters "ri" could
be read as "n" for example. We solve this problem by inserting blanks

What do you think?

Best regards,
Werner

Am 04.04.2012 16:45, schrieb Ingo Bauersachs:

Hey Yana

Just tried a call to take a look at the new panel, looks pretty cool! :slight_smile:

But I noticed a few issues, maybe you're already aware of them, but anyway:
- The video encryption indication is wrong, at least for ZRTP
- On the initiating side of the call, I couldn't open (or close) the

flyout-panel once video was enabled (not immediately, but after maybe half a
minute)

- The overall encryption information is wrong for SDES: The encryption
is in place, yet it's shown as insecure

The technical call details window shows the correct information for
both SDES and ZRTP.

And from a usability perspective, it would be handy if the flyout-panel

could be closed by a click anywhere in the call window (or at least have a
"close" button). It took me a few clicks to realize that I have to click on
the red/orange/green part again.

Regards,
Ingo

Subject: [jitsi~svn:9503] Adds new improved security interface.

Project: jitsi
Repository: svn
Revision: 9503
Author: yanas
Date: 2012-04-04 12:13:03 UTC


#6

Hey Yana, Werner, all

I created a small mockup of a changed security panel. The idea is to avoid too many alignment lines (is that a correct translation? "Fluchtlinien" in German). The current layout with the "i" (which does nothing for me), the people button, some weird letters is a bit messy.
Also, since we have the call-info window now, I think the chosen cipher can be displayed there. It has no use for a regular user.

Regards,
Ingo

路路路

-----Original Message-----
From: Werner Dittmann [mailto:Werner.Dittmann@t-online.de]
Sent: Donnerstag, 5. April 2012 09:41
To: dev@jitsi.java.net
Subject: [jitsi-dev] Re: [jitsi~svn:9503] Adds new improved security
interface.
Hi Yana, all,

that's a great enhancement a gives a much better feedback for the user.

One comment though:

- the SAS panel has a fixed size and this foces the info button (and another
button
聽聽that I dared to add :slight_smile: ) to float if the label test is longer than
聽聽the english text. See attached screenschots "jitsi_zidName16" and
聽聽"jitsi_zidName17"
To implement the ZID name feature (RFC 6189bis, chapter 12) I added some
code to ZrtpSecurityPanel and ZrtpControl* classes. The main part is in
the panel.

As indicated in the comment I added a button to enable the user to start
a dialog to enter a name for the ZID. This button works only if the
user compared and confirmed the SAS.

If the user clicks the button the dialog window pops up. If no name was set
then the
input filed is preset with the peer display name. The use may now modifiy
this or leave
the preset value and confirm with OK. If the user cancels the dialog the ZID
name remains
empty.

The layout show in the screenshots, in particular in the SAS panel, is
just a proposal and should be adapted by our UI grand master :wink:

Another slight modification (also shown in the screenshots): I added
blanks between the SAS characters to really separate them. Depending on
the font (proportional fonts) a combination of the charaters "ri" could
be read as "n" for example. We solve this problem by inserting blanks

What do you think?

Best regards,
Werner

Am 04.04.2012 16:45, schrieb Ingo Bauersachs:

Hey Yana

Just tried a call to take a look at the new panel, looks pretty cool! :slight_smile:

But I noticed a few issues, maybe you're already aware of them, but anyway:
- The video encryption indication is wrong, at least for ZRTP
- On the initiating side of the call, I couldn't open (or close) the

flyout-panel once video was enabled (not immediately, but after maybe half a
minute)

- The overall encryption information is wrong for SDES: The encryption
is in place, yet it's shown as insecure

The technical call details window shows the correct information for
both SDES and ZRTP.

And from a usability perspective, it would be handy if the flyout-panel

could be closed by a click anywhere in the call window (or at least have a
"close" button). It took me a few clicks to realize that I have to click on
the red/orange/green part again.

Regards,
Ingo

Subject: [jitsi~svn:9503] Adds new improved security interface.

Project: jitsi
Repository: svn
Revision: 9503
Author: yanas
Date: 2012-04-04 12:13:03 UTC


#7

Just tried a call to take a look at the new panel, looks pretty cool! :slight_smile:

But I noticed a few issues, maybe you're already aware of them, but

anyway:

- The video encryption indication is wrong, at least for ZRTP
- On the initiating side of the call, I couldn't open (or close) the

flyout-panel once video was enabled (not immediately, but after maybe half

a

minute)

- The overall encryption information is wrong for SDES: The encryption is

in place, yet it's shown as insecure

I've worked on all three problems and committed some fixes. Could you

please

try with the last build and see if they're fixed for you?

- ZRTP Video still says it's secure when it's not
- The panel cannot be closed (same as before, but after resizing of the
window the flyout disappeared - but cannot be opened again)
- SDES is working correctly now

However, regarding SDES, it is a bit confusing now that the tooltip says
"press for more info" when SDES actually does not have anything to say. The
"audio/video secure" indications could be moved to a common panel, and the
crypto-specific part (ZRTP, SDES, MIKEY) into a separate one. The panel for
SDES could then just say something like "The call is encrypted by SDES and
secure until the next hop."

The technical call details window shows the correct information for
both SDES and ZRTP.

And from a usability perspective, it would be handy if the flyout-panel
could be closed by a click anywhere in the call window (or at least have

a

"close" button). It took me a few clicks to realize that I have to click

on

the red/orange/green part again.

Do you have the close button now or still nothing appears on your side?

No, still not visible :frowning:
I attached a screenshot of the call-window. Resizing doesn't help with
regard to the button's visibility.

Cheers,
Yana

Regards,
Ingo


#8

Hi Ingo,

Hey Werner

Without reading anything related to ZRTP, what is the purpose of that ZID name? I don't get it from the screenshots and your mail...

It's an additional security feature describe in RFC 6189 and even better in RFC 6189bis
and gives some better protection for example in case a device was captured/stolen. See
quote below.

On top of what I just implemented (testing) I also would like to have the ZID name
in a more prominent place, not just as a tooltip in the SAS panel and string. However,
this required support from Yana because I don't want to "destroy" the fine UI :-). Maybe
we can have the name just right of the "zrtp" label if a ZID name was set, i.e. not empty.
I'm just testing this possibility.

Quote from RFC 6189bis:

<quote>
Even though a ZID is associated with a device, not a human, it is often the case that a
ZRTP endpoint is controlled mainly by a particular human. For example, it may be a mobile
phone. For the key continuity features to be effective, a local cache entry (and thus
a ZID) should be associated with some sort of name of the remote party. That name could be
a human name, or it could be made more precise by specifying which ZRTP endpoint he's using.
For example "Jon Callas", or "Jon Callas on his iPhone", or "Jon on his iPad", or "Alice
on her office phone". These name strings can be stored in the local cache, indexed by ZID,
and may have been initially provided by the local user by hand. Or the local cache entry
may contain a pointer to an entry in the local address book. When a secure session is
established, if a prior session has established a cache entry, and the new session has a
matching cache entry indexed by the same ZID, and the SAS has been previously verified,
the person's name stored in that cache entry should be displayed.

It is absolutely essential to have these human-readable names associated with cache
entries. If the cache is implemented without them, it opens the door to a simple form of
MiTM attack. An attacker who has previously established a cache entry with both parties
(or simply captures a phone that has) can later act as a MiTM between those two parties
without triggering a cache mismatch, which means the users will not be alerted to do an
SAS compare. This MiTM attack would be easily detected if the name stored with the cache
entry is displayed for the user, so that the user can readily see that he is not
connected to the remote party he expected.
</quote>

Best regards,
Werner

Regards,
Ingo

From: Werner Dittmann [mailto:Werner.Dittmann@t-online.de]
Sent: Donnerstag, 5. April 2012 09:41
To: dev@jitsi.java.net
Subject: [jitsi-dev] Re: [jitsi~svn:9503] Adds new improved security
interface.
Hi Yana, all,

that's a great enhancement a gives a much better feedback for the user.

<SNIP --- SNAP>

路路路

Am 05.04.2012 10:26, schrieb Ingo Bauersachs:

-----Original Message-----


#9

Yana, Ingo, all,

looks nice to me. This shows the necessary information, additional
information, for example regarding cipher algorithm etc could be
inside a tooltip attached to the "secure audio" (or "secure video")
string. Most users IMHO are not really interessted in this additional
info :slight_smile:

Just for clarification: you changed the characters to uppercase, the
B32 algorithm uses lowercase characters only plus digits. This
is mainly to avoid, for example, "B" - "8" misreadings (or G - 6 and
maybe others).

Regards,
Werner

路路路

Am 05.04.2012 10:54, schrieb Ingo Bauersachs:

Hey Yana, Werner, all

I created a small mockup of a changed security panel. The idea is to avoid too many alignment lines (is that a correct translation? "Fluchtlinien" in German). The current layout with the "i" (which does nothing for me), the people button, some weird letters is a bit messy.
Also, since we have the call-info window now, I think the chosen cipher can be displayed there. It has no use for a regular user.

Regards,
Ingo

-----Original Message-----
From: Werner Dittmann [mailto:Werner.Dittmann@t-online.de]
Sent: Donnerstag, 5. April 2012 09:41
To: dev@jitsi.java.net

<SNIP --- SNAP>


#10

Hi Ingo,

Just tried a call to take a look at the new panel, looks pretty cool! :slight_smile:

But I noticed a few issues, maybe you're already aware of them, but

anyway:

- The video encryption indication is wrong, at least for ZRTP
- On the initiating side of the call, I couldn't open (or close) the

flyout-panel once video was enabled (not immediately, but after maybe half

a

minute)

- The overall encryption information is wrong for SDES: The encryption is

in place, yet it's shown as insecure

I've worked on all three problems and committed some fixes. Could you

please

try with the last build and see if they're fixed for you?

- ZRTP Video still says it's secure when it's not

Should be fixed in revision 9529.

- The panel cannot be closed (same as before, but after resizing of the
window the flyout disappeared - but cannot be opened again)

Just fixed it, it should be ok in next build or r9528.

- SDES is working correctly now

However, regarding SDES, it is a bit confusing now that the tooltip says
"press for more info" when SDES actually does not have anything to say. The
"audio/video secure" indications could be moved to a common panel, and the
crypto-specific part (ZRTP, SDES, MIKEY) into a separate one. The panel for
SDES could then just say something like "The call is encrypted by SDES and
secure until the next hop."

Agree, will do.

Cheers,
Yana

路路路

On Apr 11, 2012, at 12:11 PM, Ingo Bauersachs wrote:

The technical call details window shows the correct information for
both SDES and ZRTP.

And from a usability perspective, it would be handy if the flyout-panel
could be closed by a click anywhere in the call window (or at least have

a

"close" button). It took me a few clicks to realize that I have to click

on

the red/orange/green part again.

Do you have the close button now or still nothing appears on your side?

No, still not visible :frowning:
I attached a screenshot of the call-window. Resizing doesn't help with
regard to the button's visibility.

Cheers,
Yana

Regards,
Ingo
<zrtp-call-window-without-close-button.png>


#11

Hey

It's an additional security feature describe in RFC 6189 and even better in
RFC 6189bis
and gives some better protection for example in case a device was
captured/stolen. See
quote below.

Okay, got it.

On top of what I just implemented (testing) I also would like to have
the ZID name in a more prominent place, not just as a tooltip in the SAS
panel and string. However, this required support from Yana because I
don't want to "destroy" the fine UI :-). Maybe we can have the name just
right of the "zrtp" label if a ZID name was set, i.e. not empty. I'm
just testing this possibility.

That would be cool to have. I'd require something similar for MIKEY (if I ever finish it): The CN of the certificate that was used to sign the keys.

Regards,
Ingo


#12

Hi guys,

Agree with all you say :slight_smile:

Ingo, I find your suggestion very good and will try to change the interface in this direction. I'm wondering how to manage smaller windows though, because our call window minimum size is a lot smaller than the one on the screenshot..Need to think about that.

I have just one question. What is the "Reject" button meant to do? I find it confusing and I'm not sure the user would know what happens when she presses "Reject".

Also I personally find the "i" button quite useful. A lot of people won't know what the Confirm and Clear buttons are about and the whole process isn't so intuitive for everybody, so it needs some clarification :slight_smile:

Cheers,
Yana

路路路

On Apr 5, 2012, at 11:55 AM, Werner Dittmann wrote:

Yana, Ingo, all,

looks nice to me. This shows the necessary information, additional
information, for example regarding cipher algorithm etc could be
inside a tooltip attached to the "secure audio" (or "secure video")
string. Most users IMHO are not really interessted in this additional
info :slight_smile:

Just for clarification: you changed the characters to uppercase, the
B32 algorithm uses lowercase characters only plus digits. This
is mainly to avoid, for example, "B" - "8" misreadings (or G - 6 and
maybe others).

Regards,
Werner

Am 05.04.2012 10:54, schrieb Ingo Bauersachs:

Hey Yana, Werner, all

I created a small mockup of a changed security panel. The idea is to avoid too many alignment lines (is that a correct translation? "Fluchtlinien" in German). The current layout with the "i" (which does nothing for me), the people button, some weird letters is a bit messy.
Also, since we have the call-info window now, I think the chosen cipher can be displayed there. It has no use for a regular user.

Regards,
Ingo

-----Original Message-----
From: Werner Dittmann [mailto:Werner.Dittmann@t-online.de]
Sent: Donnerstag, 5. April 2012 09:41
To: dev@jitsi.java.net

<SNIP --- SNAP>


#13

Hi Yana, Ingo

attached a new screenshot that show how to prominently display the ZID name
without the need to open a panel or move the mouse to get a tooltip. As usual,
thats a proposal and need some adjustements, for example additional text, etc.

Yana, if you like I can checkin my changes so you can start and also have
a look - what do you think?

Hi guys,

Agree with all you say :slight_smile:

Ingo, I find your suggestion very good and will try to change the interface in this direction. I'm wondering how to manage smaller windows though, because our call window minimum size is a lot smaller than the one on the screenshot..Need to think about that.

Yana, the screenshot look quite large but I didn't change the size of the call
window, that's the size that I get. Also Ingo just reordered the stuuf as far as
I can see. Maybe the screenshot program zoomed the picture.

I have just one question. What is the "Reject" button meant to do? I find it confusing and I'm not sure the user would know what happens when she presses "Reject".

Also I personally find the "i" button quite useful. A lot of people won't know what the Confirm and Clear buttons are about and the whole process isn't so intuitive for everybody, so it needs some clarification :slight_smile:

Cheers,
Yana

Best regards,
Werner

路路路

Am 05.04.2012 13:56, schrieb Yana Stamcheva:

On Apr 5, 2012, at 11:55 AM, Werner Dittmann wrote:


#14

Hey

Agree with all you say :slight_smile:

Ingo, I find your suggestion very good and will try to change the

interface

in this direction. I'm wondering how to manage smaller windows though,
because our call window minimum size is a lot smaller than the one on the
screenshot..Need to think about that.

Not sure how easy/possible at all this would be, but what about a real
"ballon" that can go beyond the actual window?

Another option is to separate the two popup-areas horizontally:
[ ] Secure Audio [ ] Secure Video

路路路

----------------------------------
Compare the letters s 3 b w with your partner.
ZRTP Identifier: ____________________

聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽[ Confirm ] [ Clear ]

I have just one question. What is the "Reject" button meant to do? I
find it confusing and I'm not sure the user would know what happens when
she presses "Reject".

It's the former "Clear"-Button. That one should be mutually enabled/disabled
with the Confirm button. The idea is that the UI layout and names don't
change because of a state-change. I don't mind keeping it "Clear", but well,
longer button texts would be useful here too:
[ Confirm SAS ] [ (Clear|Revoke) SAS [(confirmation|approval)] ]

However SAS should then be explained somewhere, e.g. "Compare the letters 's
3 bw' (known as SAS) with your partner".

Also I personally find the "i" button quite useful. A lot of people won't
know what the Confirm and Clear buttons are about and the whole process

isn't

so intuitive for everybody, so it needs some clarification :slight_smile:

I don't know what the i-Button does, because when I click on it, nothing
happens. Should it open the ZRTP-FAQ? If so, we should consider a Hyperlink
with "Help" or "More information" on it. At least that's how the Windows and
Office UI lately deals with Web-Links and IMO it makes things much clearer
than a button that I see for the first time here (and where I'd have to
hoover for the tooltip to know what it does).

Cheers,
Yana

Ingo


#15

Yana, the screenshot look quite large but I didn't change the size of
the call window, that's the size that I get. Also Ingo just reordered
the stuuf as far as I can see. Maybe the screenshot program zoomed the
picture.

The mockup was based on one of your pictures, it's not resized.
And the call windows are of similar size on Windows.

Ingo


#16

Hi Werner,

Hi Yana, Ingo

attached a new screenshot that show how to prominently display the ZID name
without the need to open a panel or move the mouse to get a tooltip. As usual,
thats a proposal and need some adjustements, for example additional text, etc.

As far as I understood it, the ZID could longer than that "qemu", no? I'm wondering how it would fit in the status bar if it's a longer string.

Yana, if you like I can checkin my changes so you can start and also have
a look - what do you think?

Hi guys,

Agree with all you say :slight_smile:

Ingo, I find your suggestion very good and will try to change the interface in this direction. I'm wondering how to manage smaller windows though, because our call window minimum size is a lot smaller than the one on the screenshot..Need to think about that.

Yana, the screenshot look quite large but I didn't change the size of the call
window, that's the size that I get. Also Ingo just reordered the stuuf as far as
I can see. Maybe the screenshot program zoomed the picture.

Oh, ok. Maybe it's zoom then.

Cheers,
Yana

路路路

On Apr 5, 2012, at 2:18 PM, Werner Dittmann wrote:

Am 05.04.2012 13:56, schrieb Yana Stamcheva:

I have just one question. What is the "Reject" button meant to do? I find it confusing and I'm not sure the user would know what happens when she presses "Reject".

Also I personally find the "i" button quite useful. A lot of people won't know what the Confirm and Clear buttons are about and the whole process isn't so intuitive for everybody, so it needs some clarification :slight_smile:

Cheers,
Yana

On Apr 5, 2012, at 11:55 AM, Werner Dittmann wrote:

Best regards,
Werner
<jitsi_zidName18.png>


#17

Hey Ingo,

Hey

Agree with all you say :slight_smile:

Ingo, I find your suggestion very good and will try to change the

interface

in this direction. I'm wondering how to manage smaller windows though,
because our call window minimum size is a lot smaller than the one on the
screenshot..Need to think about that.

Not sure how easy/possible at all this would be, but what about a real
"ballon" that can go beyond the actual window?

That's an option yes. We already do transparent and shaped windows for the regional desktop sharing, so we could use the same technique here. I'll have a look, to see how easy that could be.

Another option is to separate the two popup-areas horizontally:
[ ] Secure Audio [ ] Secure Video
----------------------------------
Compare the letters s 3 b w with your partner.
ZRTP Identifier: ____________________

聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽[ Confirm ] [ Clear ]

I'll try this out too and will send a screenshot.

I have just one question. What is the "Reject" button meant to do? I
find it confusing and I'm not sure the user would know what happens when
she presses "Reject".

It's the former "Clear"-Button. That one should be mutually enabled/disabled
with the Confirm button. The idea is that the UI layout and names don't
change because of a state-change. I don't mind keeping it "Clear", but well,
longer button texts would be useful here too:
[ Confirm SAS ] [ (Clear|Revoke) SAS [(confirmation|approval)] ]

However SAS should then be explained somewhere, e.g. "Compare the letters 's
3 bw' (known as SAS) with your partner".

Oh ok. If we keep the info button and add some tooltips we could keep "Confirm" and "Clear" I think.

Also I personally find the "i" button quite useful. A lot of people won't
know what the Confirm and Clear buttons are about and the whole process

isn't

so intuitive for everybody, so it needs some clarification :slight_smile:

I don't know what the i-Button does, because when I click on it, nothing
happens. Should it open the ZRTP-FAQ? If so, we should consider a Hyperlink
with "Help" or "More information" on it. At least that's how the Windows and
Office UI lately deals with Web-Links and IMO it makes things much clearer
than a button that I see for the first time here (and where I'd have to
hoover for the tooltip to know what it does).

Oh, I see. Actually the information opens in a tooltip, maybe if I just set the tooltip delay to 0 it would be better. I just don't like very much opening separate windows, which the user should then take care to close. So, my question is, would it be more intuitive for you if the tooltip shows right away when you hover the "i" icon?

Cheers,
Yana

路路路

On Apr 5, 2012, at 2:22 PM, Ingo Bauersachs wrote:

Cheers,
Yana

Ingo


#18

I don't know what the i-Button does, because when I click on it,
nothing happens. Should it open the ZRTP-FAQ? If so, we should consider
a Hyperlink with "Help" or "More information" on it. At least that's
how the Windows and Office UI lately deals with Web-Links and IMO it
makes things much clearer than a button that I see for the first time
here (and where I'd have to hoover for the tooltip to know what it
does).

Oh, I see. Actually the information opens in a tooltip, maybe if I just

set

the tooltip delay to 0 it would be better. I just don't like very much
opening separate windows, which the user should then take care to close.

So,

my question is, would it be more intuitive for you if the tooltip shows

right

away when you hover the "i" icon?

Now I got it :slight_smile:
The "i" is clickable, therefore I expected that something happens. Setting
the delay to zero would help, but the button should definitely not be
clickable if nothing happens on the click-event.

If you're able to "pull" out the whole panel, then I'd prefer some kind of
an expandable panel instead of a tooltip:

Closed:

路路路

------------------------------------------
[ ] Secure Audio [ ] Secure Video
------------------------------------------
Compare the SAS b 3 s w with your partner
ZID name: _______________________________
聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽[Confirm] [Clear]

(i) More information
------------------------------------------

Opened:
------------------------------------------
[ ] Secure Audio [ ] Secure Video
------------------------------------------
Compare the SAS b 3 s w with your partner
ZID name: _______________________________
聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽[Confirm] [Clear]

(i) More information
In order to be completely secured you<br/>\
need to verbally <b>compare</b> the short<br/>\
authentication string here left with your<br/>\
partner and press the confirm button when the <br/>\
string is verified.<br/><br/\
If you clear the confirmation, you'll be asked to verify<br/>\
next time when you call this partner

<a>Click here to open the ZRTP FAQ</a>
------------------------------------------
The (i) could also be the arrow already used in the SIP Wizard's Security
tab.

Another idea, instead of having two buttons that indicate a state, we could
also use a checkbox:

[x] SAS confirmed (i)

The tooltip could then be placed on the checkbox, which would be an expected
place for it. Attached is a screenshot how Outlook deals with a
checkbox-tooltip.

Oh, and: If I clicked "Confirm", I'd expect that the popup closes
automatically :slight_smile:

This went into a big discussion :slight_smile:
Would love to hear some other comments, as I think this is a crucial part of
Jitsi's UI...

Ingo


#19

Hi Yana,

Hi Werner,

Hi Yana, Ingo

attached a new screenshot that show how to prominently display the ZID name
without the need to open a panel or move the mouse to get a tooltip. As usual,
thats a proposal and need some adjustements, for example additional text, etc.

As far as I understood it, the ZID could longer than that "qemu", no? I'm wondering how it would fit in the status bar if it's a longer string.

Right, can go longer - that's why I'm plaing a bit how to do it :slight_smile: .
Another option:
if the name is longer than, say 6 characater, display is like "Name12..." and populate
the tooltip with the full name. The tooltip will display the name anyways. Thus the
user sees that there is a name, its first part and when the mouser hovers over the field
the tooltip shows up.

Would this an idea?

Regards,
Werner

路路路

Am 05.04.2012 14:26, schrieb Yana Stamcheva:

On Apr 5, 2012, at 2:18 PM, Werner Dittmann wrote:


#20

Hey Ingo,

I don't know what the i-Button does, because when I click on it,
nothing happens. Should it open the ZRTP-FAQ? If so, we should consider
a Hyperlink with "Help" or "More information" on it. At least that's
how the Windows and Office UI lately deals with Web-Links and IMO it
makes things much clearer than a button that I see for the first time
here (and where I'd have to hoover for the tooltip to know what it
does).

Oh, I see. Actually the information opens in a tooltip, maybe if I just

set

the tooltip delay to 0 it would be better. I just don't like very much
opening separate windows, which the user should then take care to close.

So,

my question is, would it be more intuitive for you if the tooltip shows

right

away when you hover the "i" icon?

Now I got it :slight_smile:
The "i" is clickable, therefore I expected that something happens. Setting
the delay to zero would help, but the button should definitely not be
clickable if nothing happens on the click-event.

Ok, agree.

If you're able to "pull" out the whole panel, then I'd prefer some kind of
an expandable panel instead of a tooltip:

Closed:
------------------------------------------
[ ] Secure Audio [ ] Secure Video
------------------------------------------
Compare the SAS b 3 s w with your partner
ZID name: _______________________________
聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽[Confirm] [Clear]

(i) More information
------------------------------------------

Opened:
------------------------------------------
[ ] Secure Audio [ ] Secure Video
------------------------------------------
Compare the SAS b 3 s w with your partner
ZID name: _______________________________
聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽[Confirm] [Clear]

(i) More information
In order to be completely secured you<br/>\
need to verbally <b>compare</b> the short<br/>\
authentication string here left with your<br/>\
partner and press the confirm button when the <br/>\
string is verified.<br/><br/\
If you clear the confirmation, you'll be asked to verify<br/>\
next time when you call this partner

<a>Click here to open the ZRTP FAQ</a>
------------------------------------------
The (i) could also be the arrow already used in the SIP Wizard's Security
tab.

That's an option. Any other opinions here?

Another idea, instead of having two buttons that indicate a state, we could
also use a checkbox:

[x] SAS confirmed (i)

The tooltip could then be placed on the checkbox, which would be an expected
place for it. Attached is a screenshot how Outlook deals with a
checkbox-tooltip.

I find that if we're using a check box this doesn't make it clear enough that we expect an action to be made. The "Confirm" button clearly tells the user that we expect them to confirm the string, after which the security is fully in place, which is indicated by the change of the color.

Oh, and: If I clicked "Confirm", I'd expect that the popup closes
automatically :slight_smile:

Ok, agree.

This went into a big discussion :slight_smile:
Would love to hear some other comments, as I think this is a crucial part of
Jitsi's UI...

Agree! Anyone else ? :slight_smile:

Cheers,
Yana

路路路

On Apr 5, 2012, at 4:48 PM, Ingo Bauersachs wrote:

Ingo
<outlook.png>