Just a note about translating the validation phrase: After talking to William about this, there are valid security concerns about not making this translatable.
An attacker could, for example, submit a translation that happened to match some signed text they'd received (in an email, perhaps) from a key they want to claim as their own.
I'd hope that we have something like reviews of translation messages, but I can easily imagine how such a change might get lost in the noise.
We might want to translate this in the future, but we should think very carefully about how we do this in a safe, secure manner.
Just a note about translating the validation phrase: After talking to William about this, there are valid security concerns about not making this translatable.
An attacker could, for example, submit a translation that happened to match some signed text they'd received (in an email, perhaps) from a key they want to claim as their own.
I'd hope that we have something like reviews of translation messages, but I can easily imagine how such a change might get lost in the noise.
We might want to translate this in the future, but we should think very carefully about how we do this in a safe, secure manner.