
GPGSM: "always trust like override" or "force" option
Closed, Resolved, Public

Description

A wish from a customer: they sometimes do not have a trusted root CA, or they have an incomplete certificate chain or CRL problems, but would still like to encrypt even though it might be less secure.
This usually results in them sending out information they would like to have encrypted, unencrypted, as it is not possible in the GnuPG UIs to show a warning (like we do for untrusted OpenPGP certs) and encrypt anyway. This creates a bad user experience, so I tend to agree with this customer wish.

A perfect solution would be some "Trust on first use / direct trust" style "I want to trust this leaf certificate and nothing else", which might also be a solution for the current "User Trustlist" which is not denied by default in GnuPG VSD.

Event Timeline

aheinecke triaged this task as Wishlist priority. Jun 26 2023, 8:37 AM
aheinecke created this task.
aheinecke raised the priority of this task from Wishlist to Normal. Jul 18 2023, 1:12 PM

I am raising this up from the wishlist. Error messages from CRL errors can be so obscure, like we just had in a support call.

For me it is a User Experience "bug/issue" because the user experience is horrible. And that does not reflect badly on S/MIME but on our software. In fact, if we had a dialog we could write something like: "Forced online validation of certificates often leads to problems with S/MIME. Do you wish to encrypt anyway?" <encrypt without strict VS-NfD compliance> <no>

My customer right now just had "Unknown error", but oftentimes we see something like "No Name" or other such error messages that the user cannot put into context.

werner moved this task from Backlog to QA on the gnupg22 board.
werner added a subscriber: werner.
ebo changed the task status from Open to Testing. Thu, Sep 7, 10:51 AM

Tested on the command line with

  • a previously valid certificate after setting its root certificate to untrusted
  • an expired certificate without the root certificate in the certificate list

After adding "--always-trust", encryption for both test certificates succeeded:

gpgsm: Benutztes Gültigkeitsmodell: bypass
gpgsm: encrypted data created
ebo claimed this task.
ebo edited projects, added gnupg22 (gnupg-2.2.42); removed gnupg22.
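
The behaviour requested in this task, sketched as a caller-side wrapper (an added example, not GnuPG code): try strict encryption first, never fall back to plaintext, and use `--always-trust` only on explicit opt-in with a recorded warning. The names `encrypt_smime`, `GPGSM` and `ALLOW_BYPASS` and the return codes are assumptions of this sketch, not gpgsm settings.

```shell
#!/bin/sh
# Added example. GPGSM lets the binary be overridden; ALLOW_BYPASS=yes is the
# caller's explicit consent to skip chain/CRL validation (both hypothetical).
GPGSM="${GPGSM:-gpgsm}"

# encrypt_smime RECIPIENT INFILE OUTFILE
# Return codes (this sketch's convention):
#   0  encrypted with normal certificate validation
#   3  encrypted with --always-trust, validation bypassed
#   1  strict validation failed and no consent given: nothing written
#   2  encryption failed even with --always-trust
encrypt_smime() {
    rcpt=$1 src=$2 dst=$3

    # First attempt: full validation. gpgsm diagnostics go to a log file so
    # the obscure chain/CRL error stays available for support.
    if "$GPGSM" --batch --encrypt --recipient "$rcpt" \
            --output "$dst" "$src" 2>"$dst.log"; then
        return 0
    fi
    rm -f "$dst"

    # Fail closed: without consent there is no ciphertext and no plaintext send.
    if [ "${ALLOW_BYPASS:-no}" != yes ]; then
        echo "validation failed for $rcpt, not encrypting (see $dst.log)" >&2
        return 1
    fi

    # Second attempt with the option from this task, appended to the same log.
    if "$GPGSM" --batch --always-trust --encrypt --recipient "$rcpt" \
            --output "$dst" "$src" 2>>"$dst.log"; then
        echo "WARNING: $dst encrypted to $rcpt without certificate validation" >&2
        return 3
    fi
    rm -f "$dst"
    return 2
}
```

A distinct return code for the bypass case lets the calling mail client or script show the "encrypt anyway" state to the user instead of treating it as an ordinary success.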