
Kleopatra: Change warning on keyserver upload
Closed, Resolved. Public

Description

Edit 2025-01-29: The ticket mutated from "improve warning" to "no warning for upload to LDAP"


When uploading a certificate via Kleopatra you always get the same warning text, regardless of whether it's your own or someone else's. And the keyserver setting is not taken into account either. Whether it's a public keyserver or a local AD does make a difference, though.

Current text:

<para>When OpenPGP certificates have been exported to a public directory 
server, it is nearly impossible to remove them again.</para><para>Before 
exporting your certificate to a public directory server, make sure that you 
have created a revocation certificate so you can revoke the certificate if 
needed later.</para><para>Are you sure you want to continue?</para>

The warning about the revocation certificate is probably obsolete for your own certificates, too, as it is automatically created on key generation nowadays.

Regarding text changes because of public keyserver via AD, there also is ticket T6663 in the context of certification.

Event Timeline

aheinecke added a subscriber: aheinecke.

IMO for LDAP we should not warn at all. Because there it is possible to remove certificates.

I think the part about the revocation should be kept. Because otherwise we would need to inform users where the revocation certificates are kept, so it is better if they save them themselves. Although in the spirit of always providing the user with a clear next step I would like to see that the dialog offers a way to create a revocation certificate for a key for which a secret is available directly from the dialog.

"so you can revoke the certificate if needed later."

Maybe change that to "if it is compromised, lost, or you forgot your password"

TBH I find the word "revocation" a bit hard to understand for laymen.

TobiasFella moved this task from Restricted Project Column to Restricted Project Column on the Restricted Project board.
ikloecker added a subscriber: ikloecker.

backported for vsd33 to avoid conflicts with changes for T7076

TobiasFella changed the task status from Open to Testing. Aug 8 2024, 10:54 AM
ebo moved this task from Restricted Project Column to Restricted Project Column on the Restricted Project board. Oct 1 2024, 3:55 PM

With VS-Desktop-3.2.94.481-Beta:
If an Ldap NtdsKeyserver is configured, there is now no warning on the upload. But the success message is wrong or at least not right:
"OpenPGP certificates exported successfully." Made me think I did mistakenly choose something other than "Publish on server".
And the menu entry is "Publish on Server..." so there has to be another window before action is taken.

The text and behavior for a configured public keyserver was not changed. It seems that part has wandered to T6663 which is scheduled for gpg5x.

ebo renamed this task from Kleopatra: Improve warning on keyserver upload to Kleopatra: Change warning on keyserver upload. Wed, Jan 29, 10:06 AM
ebo updated the task description.
ebo moved this task from QA to vsd-3.3.0 on the vsd33 board.
ebo edited projects, added vsd33 (vsd-3.3.0); removed vsd33.
ebo moved this task from Restricted Project Column to Restricted Project Column on the Restricted Project board.

Closing as there are now 2 follow up tickets for the open issues I found.