Hi Werner,

I'm sorry to reopen but here's why.
As per my initial statement I took list of folders mentioned here from '%ProgramFiles(x86)%\Gpg4win\share\gpg4win\README.en.txt' and '%ProgramFiles(x86)%\Gpg4win\share\gpg4win\HOWTO-SMIME.en.txt' but from within both files (so far) there's no real clue that all such mentioned folders are 'optional' also because (so far) such word was not added near words used before describing all those folders.
So could you please just consider this issue as a 'Documentation improvement' (my wording is only quoted because as of now I'm unsure if my own definition might really correspond to an already existing tag on this Phabricator system) ?
Also because of this I'm assuming it would probably be very much easier to handle and close again.
And here are related changes I'd like to propose for future version contents :

• in '%ProgramFiles(x86)%\Gpg4win\share\gpg4win\README.en.txt':

"* GnuPG: Now supports system wide configuration files in

"%ProgramData%\GNU\etc\gnupg" **//optional folder//** so that, **//when needed//**
Administrators can both set defaults and enforce a specific configuration.
The Format is the same as the user configuration under "%AppData%\gnupg"
with additional syntax to enforce some options and ignore other options. (T4788)"

• in '%ProgramFiles(x86)%\Gpg4win\share\gpg4win\HOWTO-SMIME.en.txt' related excerpts:
• "1. Store the root certificates
  
  Copy root certificate file into new optional folder for eventual Administrators' specific needs:
  
  %ProgramData%\GNU\etc\gnupg\trusted-certs
  
  e.g.:
  
  C:\ProgramData\GNU\etc\gnupg\trusted-certs

...";

• "2. Store intermediate certificates
  
  Some Certificate Authorities require additional intermediate certificates.
  
  Copy intermediate certificates into new optional folder for eventual Administrators' specific needs:
  
  %ProgramData%\GNU\etc\gnupg\extra-certs
  
  e.g.:
  
  C:\ProgramData\GNU\etc\gnupg\extra-certs

...";

• "3. Set root trust
  
  a) Open the following new text file with a text editor into new optional folder for eventual Administrators' specific needs:
  
  %ProgramData%\GNU\etc\gnupg\trustlist.txt
  
  e.g.:
  
  C:\ProgramData\GNU\etc\gnupg\trustlist.txt

...".

Please also note that because I also re-read initial statement before above 3 ones and also statement following them, I'm also proposing these changes too (in excerpted parts only) :

• "To avoid that each user must search and install the required root

certificates, and also check and authenticate the trustworthiness of
the same, it is useful to install an optional system-wide default of the most
important root certificates before proceeding with Gpg4win installation:
..."

• "4. Complete Gpg4win installation and restart computer
  
  a) Enable the option "Root certificate defined or skip configuration".
  
  b) Complete the Gpg4win installation wizard regular.

...".
In addition to this I also re-read following step c) again and so about its contents for now I'm not proposing any change also because I have some new related questions and quite obviously, they're also related to current non-standard configuration I'm still having on my system because of T5593 issue (and also because of those known effects I already reported there, after end of its installation I'm basically still unsure that Gpg4win installation indeed completed correctly as typically expectable).

So here are my questions (please note that because of them now I may also have found another hidden effect also resulting from T5593 reported displayed error main effect) :
Because in step c) user/Administrator is required to :
"Restart your computer! (Required because the DirMngr have to

read your root certificates from step (1).)"

• A) am I right to also assume that DirMngr is only always being automatically executed at OS system startup ?
• B) and so also because of this, ain't I also right to assume that, after end of Gpg4win T5593 setup, I too should have been able to find DirMngr specified into a new registry key value created into 'HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run' registry path ?

Many thanks in advance for your comprehension and your (hopefully) next replies.
P.S. Just in case you might just reply no to both A) and B) previous questions here's 2 more also related:
C) wouldn't this also mean that if DirMngr is not executed at OS system startup, then it should just very likely be executed at user level only (so basically every time after user logons into OS) ?
D) and as such shouldn't I, after end of both Gpg4win setups that took place in T5593, have had to find DirMngr specified into a new registry value to be found into 'HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run' registry path ?

But if your answers to C) and D) should just be yes:
E) Shouldn't this also mean that in above mentioned step c) user/Administrator should instead not really reboot, but rather just better only log out and log on again ?
Please note that this last assumption was also some more reinforced because of this excerpted statement I've found into T4788 after reading it: "... Currently our institutional deployment runs a login script for this."

P.P.S.
Shouldn't inside next version 'HOWTO-SMIME.en.txt' be better to replace 'Ansicht' term with 'View' ?

Best Regards