If a key has more than one UID and one of them is not certified, it is shown as "not certified" in the certificate list.
But when you select such a key in the sign/encrypt dialog, a green check is shown next to it. Although it says "not certified" behind the key-id, the thing one's focus is on is the green symbol, which is misleading.
For non-vsde-enabled installations the green check symbol is okay because in the given context (encryption) it indicates that the key can be used.
On the other hand, in vsde-enabled installations the key cannot be used for compliant operations. Therefore, in this case using a different symbol may be better, so that the user can immediately spot the problematic certificate.
I think this is resolved. In the Sign/Encrypt dialog we now offer the individual user IDs instead of the certificates, i.e. the two user IDs of the Udo certificate are both offered and one should be listed as certified and the other one as not certified (if one is certified and the other one isn't; for me both user IDs are ultimately trusted).
Tested Gpg4win 4.4:
Interesting, when you search for the UID, it looks as before, with the green check mark:
When you then choose the not certified UID the icon changes to the blue "!":
Ideally, the icon should be the "!" in both cases.
Looks like there's something not correct in the completion model. Or we use different criteria for showing the blue "i" (as "information") which doesn't make it better. Reopen?