Page MenuHome GnuPG
Create Task
Maniphest T7190

Kleopatra: wrong claim of update in WKD for keys with no mail address
Testing, NormalPublic
Actions

Description

If you have checked the option "Query certificate directories of providers for all user IDs" then updating a certificate in Kleopatra which has no mail address will result in the message "The certificate has been updated." regarding the query to WKD.

As the certificate is not in any WKD, this statement can not be true.

Details

Version
Version 3.2.2.2405000+git~ (Gpg4win-4.3.2-beta35)

Revisions and Commits

rKLEOPATRA Kleopatra
rKLEOPATRA5aa26a22922e Improve result reporting for the certificate refresh
rKLEOPATRA577aab168ac2 Only refresh non-revoked user IDs with email addresses via WKD
rKLEOPATRAaebfdc6f2e2e Improve result reporting for the certificate refresh
rKLEOPATRA32310449ffef Only refresh non-revoked user IDs with email addresses via WKD

Related Objects

Event Timeline

ebo created this task.Jul 5 2024, 4:20 PM
ebo added a subscriber: ikloecker.
ikloecker added a commit: rKLEOPATRA32310449ffef: Only refresh non-revoked user IDs with email addresses via WKD.Jul 5 2024, 5:04 PM
ikloecker added a commit: rKLEOPATRAaebfdc6f2e2e: Improve result reporting for the certificate refresh.
ikloecker claimed this task.Jul 5 2024, 5:05 PM
ikloecker triaged this task as Normal priority.
ikloecker moved this task from Restricted Project Column to Restricted Project Column on the Restricted Project board.
ikloecker added a commit: rKLEOPATRA577aab168ac2: Only refresh non-revoked user IDs with email addresses via WKD.Jul 5 2024, 5:12 PM
ikloecker added a commit: rKLEOPATRA5aa26a22922e: Improve result reporting for the certificate refresh.
ikloecker moved this task from Backlog to WiP on the vsd33 board.Jul 5 2024, 5:13 PM

Backported for VSD 3.3.

ikloecker added a comment.Jul 5 2024, 5:24 PM

If one or more keys are refreshed and none of the keys has non-revoked user IDs with email addresses then Kleopatra shouldn't report a result for WKD anymore.

Other changes:

  • If no key is found on the keyserver then "was/were not found" is reported. Previously, this was only reported when refreshing one key.
  • If no key is found via WKD then "was/were not found" is reported. Previously, "was/were updated" was reported.

Note:

  • If one keyserver-only key (e.g. without email address) and one WKD-only key are refreshed then we still report "were updated" for keyserver and WKD. I think that's less confusing than reporting "were updated" for the keyserver and "was updated" for the keyserver. After all, the user refreshed two keys so they expect a result for two keys (plural). We should consider removing the separate reporting for keyserver and WKD. Most users won't care and will just be confused by this.
ikloecker changed the task status from Open to Testing.Jul 5 2024, 5:28 PM
ikloecker mentioned this in T6739: Allow "refresh key/signatures" from key's context menu (from key list).
ebo moved this task from Restricted Project Column to Restricted Project Column on the Restricted Project board.Jul 17 2024, 12:29 PM

works now, Version 3.2.2.2405000+git~ (Gpg4win-4.3.2-beta41)

And I agree, we need a change regarding the information. But I would prefer an information similar as for the import of certificates which would mean more info instead of less. But that would be for another ticket.