Page MenuHome GnuPG
Create Task
Maniphest T6152

Text for Import of S/MIME certificates
Open, NormalPublic
Actions

Description


This text is particularly confusing if you import several certificates at once, because it is then unclear which password is required. For this, the name of the file to be imported should be mentioned in the question. But this is not a typical usecase, so maybe not.

If you enter a wrong password in a window, the error message will only be given after you have answered all requests for the transport passwords.
If we should want to support importing several of these at once, that is impractical.

Suggestion for easier language: "Bitte vergeben Sie ein neues Passwort für das Zertifikat" "Please assign a new password for the certificate"
But at least change passphrase to password in German, to keep it consistent.

Related Objects

Event Timeline

ebo created this task.Aug 24 2022, 11:15 AM
ikloecker added a project: gnupg.Aug 24 2022, 2:44 PM
werner triaged this task as Normal priority.Aug 24 2022, 6:25 PM
werner added projects: S/MIME, Feature Request.
werner added a subscriber: werner.

The PKCS#12 import was a late add-on because I consider P#12 to be a nasty and insecure format. Unfortunately it survived and is now the mainly used interchange format. Eventually we need to improve things here. However, ppl should use smartcards for S/MIME.

ikloecker mentioned this in T6302: Kleopatra: Report failed imports immediately when importing multiple files.Dec 6 2022, 9:57 AM
ikloecker added a subscriber: ikloecker.Dec 6 2022, 10:17 AM

If you enter a wrong password in a window, the error message will only be given after you have answered all requests for the transport passwords.

This was changed with T6302: Kleopatra: Report failed imports immediately when importing multiple files.

ebo added a comment.Jul 24 2023, 4:33 PM

yes, one down, two to go...

  1. Please give the name of the PKCS#12 object in the pinentry-window for which the transport password has to be typed in.
  2. Text change for new password window (giving the name of the certificate/file here again would be a bonus but not really necessary, as it is the same one as in the window before)
ikloecker added a comment.Jul 26 2023, 11:51 AM

Currently, Kleopatra cannot do anything about this. get_passphrase in protect-tool.c asks those questions and doesn't support a way to give the user more context (e.g. by providing the file name). Once gpg-agent allows giving context, Kleopatra can add for example the file name to the data to import.