Page MenuHome GnuPG
Create Task
Maniphest T5245

Kleopatra: Add support for trust signatures / trusted introducer
Closed, ResolvedPublic
Actions

Description

To implement a CA structure with intermediates we need to have the structure:

Root CA -> Is configured on the system as trusted-key

The Root CA then signs the Intermediate CA as trusted introducer.

Then the CA can sign client certificates without having to set "Ownertrust" in the client because the client already has the ownertrust value because of the trusted introducer signature.

GnuPG already supports this but at some point we would like to have support in the GUI.

Details

Version
master

Revisions and Commits

rLIBKLEO Libkleo
rLIBKLEO28d8291f6ba9 Add information about trust signatures to UserIDListModel
rLIBKLEO941f82fbbe48 Add enum for model columns
rLIBKLEO628ea4b79991 Always add the Tags column to the model
rKLEOPATRA Kleopatra
rKLEOPATRA4cdcf5def6eb Remove separate certificatedetailswidget.ui
rKLEOPATRA7d49a67a3f4a Show information about trusted introducers in certificate details
rKLEOPATRA40013fb8477d Hide Tags column if tag support is not enabled
rKLEOPATRAd47a5a266cf1 Modernize code and sort includes
rKLEOPATRA00c7c920c5bd Move CertificateDetailsDialog to *.h/*.cpp of its own
rKLEOPATRA80a9c0d039ee Use std::unique_ptr for pimpl
rKLEOPATRAddf99af924cd Exclude key to certify from possible certification keys
rKLEOPATRA3fcfe9ead9d6 Prefill the trust signature domain
rKLEOPATRA3af53c4fc238 Modernize and clean up a bit
rKLEOPATRAdb59674bda1b Allow certifying a key as trusted introducer for a domain
rKLEOPATRA2cb7c1e23304 Add info button explaining the "Certify as trusted introducer" option
rKLEOPATRAf2e5d1fe98c1 Refactor CertifyWidget and CertifyCertificateDialog
rKLEOPATRAf2062056b35d Remove not implemented member function
rKLEOPATRA4aca43dc2ac0 Use std::unique_ptr for d-pointer and initialize members in-class
rKLEOPATRA4c3d353bcd98 Remove unused setters
rM GPGME
rM0d03f31e07e6 qt: Fix API documentation
rMdae01f8185e0 qt: Pimpl QGpgMESignKeyJob
rMf0858e45b0be qt: Extend SignKeyJob to create trust signatures
rMa8d7b9d16796 cpp: Add support for trust signatures to sign key edit interactor
rM276187f6b62a core: Extend gpgme_key_sig_t with trust signature members.
rMe391a08c6f96 cpp: Add getters for the attributes of a trust signature

Related Objects
Search...

Event Timeline

aheinecke created this task.Jan 18 2021, 11:19 AM
aheinecke raised the priority of this task from Wishlist to High.Apr 12 2021, 2:43 PM

Hi Ingo, If you run out of work you can do this next. Its already something that I'm showing during product presentations and a workflow I would like to recommend.

ikloecker moved this task from Restricted Project Column to Restricted Project Column on the Restricted Project board.Apr 29 2021, 9:31 AM
ikloecker mentioned this in D530: gpgme: Add support for trust signatures to key list result.May 4 2021, 12:13 PM
ikloecker added a commit: rMe391a08c6f96: cpp: Add getters for the attributes of a trust signature.May 6 2021, 2:28 PM
ikloecker added a commit: rM276187f6b62a: core: Extend gpgme_key_sig_t with trust signature members..
ikloecker added a commit: rMa8d7b9d16796: cpp: Add support for trust signatures to sign key edit interactor.
ikloecker added a commit: rMdae01f8185e0: qt: Pimpl QGpgMESignKeyJob.
ikloecker added a commit: rMf0858e45b0be: qt: Extend SignKeyJob to create trust signatures.
ikloecker closed subtask T5419: gpgme: Add support for trust signatures to key list result as Resolved.May 6 2021, 3:15 PM
ikloecker closed subtask T5420: gpgme++: Add read-only support for trust signatures as Resolved.
ikloecker closed subtask T5421: gpgme++, qgpgme: Add support for creating trust signatures as Resolved.May 10 2021, 9:27 AM
ikloecker added a commit: rKLEOPATRA4c3d353bcd98: Remove unused setters.May 10 2021, 4:31 PM
ikloecker added a commit: rKLEOPATRA4aca43dc2ac0: Use std::unique_ptr for d-pointer and initialize members in-class.
ikloecker added a commit: rKLEOPATRAf2062056b35d: Remove not implemented member function.
ikloecker added a commit: rKLEOPATRAf2e5d1fe98c1: Refactor CertifyWidget and CertifyCertificateDialog.
ikloecker added a commit: rKLEOPATRAdb59674bda1b: Allow certifying a key as trusted introducer for a domain.
ikloecker added a commit: rKLEOPATRA3af53c4fc238: Modernize and clean up a bit.
ikloecker added a commit: rKLEOPATRA2cb7c1e23304: Add info button explaining the "Certify as trusted introducer" option.
ikloecker added a commit: rKLEOPATRA3fcfe9ead9d6: Prefill the trust signature domain.
ikloecker added a commit: rKLEOPATRAddf99af924cd: Exclude key to certify from possible certification keys.May 11 2021, 9:45 AM
ikloecker added a commit: rLIBKLEO941f82fbbe48: Add enum for model columns.May 12 2021, 5:12 PM
ikloecker added a commit: rLIBKLEO628ea4b79991: Always add the Tags column to the model.
ikloecker added a commit: rLIBKLEO28d8291f6ba9: Add information about trust signatures to UserIDListModel.
ikloecker added a commit: rKLEOPATRAd47a5a266cf1: Modernize code and sort includes.May 12 2021, 5:16 PM
ikloecker added a commit: rKLEOPATRA00c7c920c5bd: Move CertificateDetailsDialog to *.h/*.cpp of its own.
ikloecker added a commit: rKLEOPATRA80a9c0d039ee: Use std::unique_ptr for pimpl.
ikloecker added a commit: rKLEOPATRA4cdcf5def6eb: Remove separate certificatedetailswidget.ui.
ikloecker added a commit: rKLEOPATRA40013fb8477d: Hide Tags column if tag support is not enabled.
ikloecker added a commit: rKLEOPATRA7d49a67a3f4a: Show information about trusted introducers in certificate details.
ikloecker changed the task status from Open to Testing.May 12 2021, 5:25 PM
ikloecker reassigned this task from ikloecker to aheinecke.
ikloecker closed subtask T5429: Kleopatra: Display information about trust signatures as Resolved.
ikloecker moved this task from Restricted Project Column to Restricted Project Column on the Restricted Project board.
ikloecker added a subscriber: ikloecker.
ikloecker added a commit: rM0d03f31e07e6: qt: Fix API documentation.Jun 17 2021, 9:48 AM
ikloecker closed this task as Resolved.Oct 20 2021, 4:26 PM
ikloecker moved this task from Restricted Project Column to Restricted Project Column on the Restricted Project board.Oct 20 2021, 4:38 PM