Page MenuHome GnuPG
Create Task
Maniphest T6881

Kleopatra: Make designated revoker configurable for new keys
Closed, WontfixPublic
Actions

Description

An Administrator in an organisation should be able through the registry (kleopatrarc registry config mechanism) to set a key as a designated revoker for all newly created keys. This will mean adding support for ‐‐add‐desig‐revoker to GPGME.

Revisions and Commits

rKLEOPATRA Kleopatra
rKLEOPATRA5046ce36fb03 Revert "Add config option for adding a designated revoker for all new keys"
rKLEOPATRA5a98e8907a51 Revert "Add config option for adding a designated revoker for all new keys"
rKLEOPATRAacc5453e8475 Revert "Add config option for adding a designated revoker for all new keys"
rKLEOPATRAed545b67f2e0 Revert "Add config option for adding a designated revoker for all new keys"
rKLEOPATRA271636f4c19f Revert "Add config option for adding a designated revoker for all new keys"
rKLEOPATRA3be1cc9782ad Revert "Add config option for adding a designated revoker for all new keys"
rKLEOPATRA1b67fce5fa70 Add config option for adding a designated revoker for all new keys
rKLEOPATRA9e94c307c233 Add config option for adding a designated revoker for all new keys
rKLEOPATRA205b5e724dea Add config option for adding a designated revoker for all new keys
rKLEOPATRA416d24d0e5f3 Add config option for adding a designated revoker for all new keys
rKLEOPATRA06e3b29bad24 Add config option for adding a designated revoker for all new keys

Related Objects

Event Timeline

aheinecke triaged this task as Normal priority.Dec 12 2023, 9:25 AM
aheinecke created this task.
aheinecke mentioned this in T6882: Make ADSK configurable for new keys.Dec 12 2023, 9:29 AM
TobiasFella added a commit: rKLEOPATRA06e3b29bad24: Add config option for adding a designated revoker for all new keys.Jan 5 2024, 2:10 PM
TobiasFella added a commit: rKLEOPATRA416d24d0e5f3: Add config option for adding a designated revoker for all new keys.
TobiasFella added a commit: rKLEOPATRA205b5e724dea: Add config option for adding a designated revoker for all new keys.Jan 15 2024, 4:41 PM
TobiasFella added a commit: rKLEOPATRA9e94c307c233: Add config option for adding a designated revoker for all new keys.Jan 15 2024, 4:59 PM
TobiasFella moved this task from Restricted Project Column to Restricted Project Column on the Restricted Project board.Jan 23 2024, 11:42 AM
TobiasFella moved this task from Backlog to WiP on the vsd33 board.Feb 15 2024, 8:56 AM
TobiasFella changed the task status from Open to Testing.Feb 15 2024, 9:05 AM
werner moved this task from WiP to Backlog on the vsd33 board.Apr 30 2024, 2:47 PM
ikloecker added a commit: rKLEOPATRA1b67fce5fa70: Add config option for adding a designated revoker for all new keys.May 6 2024, 5:04 PM
ikloecker moved this task from Backlog to WiP on the vsd33 board.May 7 2024, 10:59 AM
TobiasFella added a comment.May 22 2024, 3:32 PM

this has been implemented since february 2023 in all gnupg versions

werner changed the task status from Testing to Open.May 22 2024, 6:23 PM
werner added a project: gnupg22.
werner added a subscriber: werner.

Although it is implemented in gnupg-2.2 we should add another feature: Iff this option is configured, gpg shall try to load the requested key from LDAP in the same manner as it does for a trusted-key.

ikloecker added a subscriber: ikloecker.May 22 2024, 9:20 PM

I think it would be cleaner to create a separate ticket for making gpg fetch the requested key from LDAP.

TobiasFella added a commit: rKLEOPATRA3be1cc9782ad: Revert "Add config option for adding a designated revoker for all new keys".May 23 2024, 10:00 AM
TobiasFella added a commit: rKLEOPATRA271636f4c19f: Revert "Add config option for adding a designated revoker for all new keys".May 23 2024, 10:18 AM
TobiasFella added a commit: rKLEOPATRAed545b67f2e0: Revert "Add config option for adding a designated revoker for all new keys".May 23 2024, 10:20 AM
TobiasFella added a commit: rKLEOPATRAacc5453e8475: Revert "Add config option for adding a designated revoker for all new keys".
TobiasFella added a commit: rKLEOPATRA5a98e8907a51: Revert "Add config option for adding a designated revoker for all new keys".
ebo closed this task as Wontfix.May 23 2024, 10:23 AM
ebo removed projects: gnupg22, Restricted Project, vsd33.
ebo added a subscriber: ebo.

I've moved the gpg task to a new ticket, T7133: Add feature to load designated revoker from LDAP
The Kleopatra task is obsolete, as it was noticed that the proposed option is already in gpg and should not be implemented twice.

TobiasFella added a commit: rKLEOPATRA5046ce36fb03: Revert "Add config option for adding a designated revoker for all new keys".May 23 2024, 10:56 AM