Page MenuHome GnuPG

Kleopatra: Remove X509 as much as possible
Open, NormalPublic


Technically correct would be to call the keys in Kleopatra for S/MIME X509 Certificates, which can be used in the Cryptographic Message Syntax to encrypt. For example MIME Messages in the S/MIME Standard.

This is what Kleopatra did in the past. But users are used to "S/MIME + OpenPGP" at most. Everything else is too technical for the masses.

Feedback I get from institutional users is that their users are confused.
So in certificate details we might still talk about X.509 but in all places where end users and not admins should come into contact with keys this should be changed.

I'm closing this task after making some small changes but I want to document this decision for the future.

Event Timeline

Well that was easy. All down to Libkleo::Formatting::displayName

I think you have missed the Key Pair Creation Wizard:

Create a personal X.509 key pair and certification request


We may also want to change/improve the appdata description of Kleopatra (which is supposed to be used in different package managers/app stores). It currently reads

Kleopatra is a certificate manager and a universal crypto GUI.
It supports managing X.509 and OpenPGP certificates in the GpgSM keybox and retrieving certificates from LDAP servers.


Right that description sounds like it is ~20 years old ;-)

Maybe something like:
Kleopatra, the user interface for GnuPG cryptography.
It supports managing keys for OpenPGP and S/MIME and encrypts files and text.

So people searching for GnuPG OpenPGP and S/MIME would find it based on this description.