Page MenuHome GnuPG
Create Task
Maniphest T7868

Kleopatra: config check box for AllowMarkTrusted not functional
Testing, NormalPublic
Actions

Description

In the Kleopatra settings in the config tab "S/MIME Validation" the check box "Allow to mark root certificates as trusted" is not set by default. Although it is allowed to set root CAs in Kleopatra to trusted by default in the gpg4win versions.

It is the only option in the menu tab for which a status change does not result in some message shown in debugview.
And if you check the box, save+close the settings and open them again, the box is unselected.

This was reported for a user with Gpg4win 4.4.1, as they could (for whatever reason) not trust root certificates and they searched for an option to enable this.
While I could not replicate their main issue, the settings are obviously broken and this is true for versions from master, too.

Details

Version
Gpg4win 4.4.1, 5.0-Beta-369

Revisions and Commits

rKLEOPATRA Kleopatra
rKLEOPATRA867352e0e800 Remove "Allow to mark root certificates as trusted" check box
rKLEOPATRAea04de31485c Remove "Allow to mark root certificates as trusted" check box

Related Objects

Event Timeline

ebo created this task.Tue, Oct 21, 3:53 PM
ebo created this object with edit policy "Contributor (Project)".
ikloecker claimed this task.Tue, Oct 21, 4:31 PM
ikloecker moved this task from Backlog to WIP on the gpd5x board.
ikloecker added a commit: rKLEOPATRAea04de31485c: Remove "Allow to mark root certificates as trusted" check box.Tue, Oct 21, 4:42 PM
ikloecker changed the task status from Open to Testing.Tue, Oct 21, 4:50 PM
ikloecker triaged this task as Normal priority.

Fixed. The check box has been removed from the "S/MIME Validation" tab.

This setting should have been removed with the changes made for T7350. The setting had been hidden since a long time. See rKLEOPATRAdfaaabb406a3 for details.

The setting can still be changed in the GnuPG System configuration: Disallow clients to mark keys as "trusted" option on the Private Keys tab.

ikloecker added a project: vsd34.Tue, Oct 21, 5:06 PM
ikloecker added a commit: rKLEOPATRA867352e0e800: Remove "Allow to mark root certificates as trusted" check box.Tue, Oct 21, 5:07 PM
ikloecker moved this task from Backlog to WIP on the vsd34 board.Tue, Oct 21, 5:09 PM

Backported for VSD 3.4 since this is clearly a regression introduced with T7350 and the fix is zero risk.