Maniphest T8275

Kleopatra: Change appearance of S/MIME root certificates
Testing, NormalPublic
Actions

Assigned To
ikloecker
Authored By
ebo
Wed, May 27, 1:27 PM
Tags
Subscribers
ebo

Description

Edit 2026-06-08: removed the color suggestions as it was concluded that we can remove the color

We already agreed in T8077 that the bold font should only be used if the secret part of a certificate (secret key) is available.

But for S/MIME Root CAs the default appearance is bold font with a blue-with-a-hint-of-purple background:


The contrast here is only 4.63 and which is even in combination with the bold font not sufficient.
Our contrasts for the light green (VS-NfD compliant) and red (not compliant) have a contrast around 13.

Instead of going for a lighter color, we decided to

  • use no special default color for root certificates and
  • drop the bold font

Then only own certificates will be shown in bold font any more.

For VSD the root CAs should be shown as green or red, the same as for not-root certificates, depending on whether they are VS-compliant or not.

Revisions and Commits

rLIBKLEO Libkleo
rLIBKLEO82babca965d2 Change default appearance of trusted S/MIME root certificates
rLIBKLEO6057da1f64d3 Change default appearance of trusted S/MIME root certificates

Related Objects

Event Timeline

ebo triaged this task as Normal priority.Wed, May 27, 1:27 PM
ebo created this task.
ebo added a comment.Wed, May 27, 1:53 PM

Note that with #ebebff it is not easy to recognize the color next to the light red:

It is better for #dbdbff

ebo added a comment.EditedThu, May 28, 10:21 AM

The question came up why we have a separate color for trusted root-CAs and if we should not better remove it instead of changing it.

In the treeview one can easily deduce which is the root, so visibility does not explain it. (Possibly, we could remove the option to turn that view off.)

It would be easiest to use the same colors as for all other certificates, i.e. none in Gpg4win and green/red in VSD for the Root-CAs.

Should we want to do this, we should keep the category though, so that users could set the color again if they don't want the change.

ebo removed a project: needs discussion.Mon, Jun 8, 2:03 PM

There was no veto for the removal of the color. I'll update the description.

ebo updated the task description. (Show Details)Mon, Jun 8, 2:20 PM
ikloecker claimed this task.Thu, Jun 11, 9:32 AM
ikloecker moved this task from Backlog to WIP on the gpd5x board.
ikloecker added a commit: rLIBKLEO6057da1f64d3: Change default appearance of trusted S/MIME root certificates.Thu, Jun 11, 12:32 PM
ikloecker added a commit: rLIBKLEO82babca965d2: Change default appearance of trusted S/MIME root certificates.Thu, Jun 11, 2:10 PM
ikloecker changed the task status from Open to Testing.Thu, Jun 11, 2:38 PM

Done and backported for GPD 5.1

ikloecker mentioned this in Unknown Object (Maniphest Task).Mon, Jun 15, 8:59 AM