Page MenuHome GnuPG

Kleopatra: "Not certified" Status for Validity with multiple user ids
Open, WishlistPublic


The Problem is that if a key has mutliple userids and one does only certify one of these the overall status is "not certified".
This is something I do not have a good answer to resolve. Maybe another "partially certified" state?

I have a good example where this happens in my keyring. Filtering for trusted-certificates, I was slightly confused why it inlcuded "non certified" certificates:

So when I look at the table, the primary userid would be certified, but not the others. :/ Even just indicating that the certificate has more userids might be a user experience improvement in this case so maybe we should add that as an optional column?

It is also a bit of a problem we have in VS-NfD. To workaround this we defined "All UserIDs must be certified" for VS-NfD. So if a public key adds a uid on update, it might switch from compliant to non-compliant.

Open to suggestions.

Event Timeline

aheinecke created this task.

I think showing "partially certified" makes sense.

For VS-NfD I have no opinion.

I just thought, that we should still show "not certified" if the primary user ID is not certified because Kleopatra always displays the primary user ID (except in the Certificate Details).

ikloecker mentioned this in Unknown Object (Maniphest Task).Aug 2 2023, 12:28 PM