I recall reading at least one study of learning PGP and its UI. I have had the chance to observe half a dozen (albeit, smarter than normal) others' (mostly engineers) learning curves. All are using PGP 7.03 and Eudora 3.05. We are not using public key servers. Mistakes include: * neglecting to encrypt to an intended recipient's key * encrypting to self (only) * not encrypting to self, requiring a recipient to send it back to you * accidentally multiply encrypting a message (ie, you encrypt the encrypted ASCII) Problems also include not being able to rename the email address associated with a key, leading to some recipients being recognized and encrypted to, others not. Also errors if there are spaces added to the PGP ASCII block. Yes, there are checkbox-features and PGP Groups and sufficient GUI feedback such that these mistakes are "not the tool's fault". And I/we appreciate these features and overall excellent design. Yet there are also people who enjoy studying UI design, cognition, learning, etc. and perhaps these anecdotal observations would be useful. After all, Enigma was broken by exploiting the man-machine interface. No one new to any tool should be using it for life-critical apps before competent. The above mistakes more self-inflicted denial of service problems than tool weaknesses. In fact, one group member accidentally sent email to a random user in the sender's ISP (because of the sender's Eudora-alias not matching the alias he typed in the To: field). This didn't matter because the content was encrypted. You often put locks on things (cars, homes, throwaway email accounts) to protect against benign, accidental intrusions, even if the lock is easily defeated/circumvented. We just happened to be using a strong lock, endorsed by the Red Brigade :-) ------- Pierre Curie didn't die from radiation poisoning, he was hit by a horse drawn cart