I am going to do:
(1) Recover old behavior with max-cache-ttl = 0
(2) Update the documentation of default-cache-ttl zero value disabling caching.

In T7620#200845, @Saturneric wrote:

I think it would be much better if GnuPG automatically performed a key listing immediately after key generation when a smartcard is involved. This would allow GnuPG to detect the presence of the subkey on the card right away, rather than leaving it marked as a stub until the user manually lists keys.

I see that you generated the secret encryption subkey with backup. This means that the secret subkey is generated on your computer, then copied to the card, and then deleted from your computer. The deletion is the reason why the subkey is marked as stub. Only after listing the keys on the card gpg notices that the secret key is actually on the card.

I found more issues with the success, warning, and error icons we show in various places.

An easy solution seems to be to just tell the overlay to not be always on top. It still blocks the outlook window, but other windows can then be shown on top of it.

my win10 vm was also installed with german language

issues split into new tickets:

• T7644: Kleopatra: 'Show Audit Log' in signature verification needs two clicks to open
• T7645: Kleopatra: Encoding errors in signature verification audit log

If the file data is next to the file data.sig then Kleopatra should automatically use data.sig with data. If you run kleopatra --verify data.sig or start the verification by selecting data.sig in the Windows Explorer then Kleopatra does automatically use data (at least on Linux).

Note that screenshot was made with a gpg from the 2.2 branch.
And on a Windows VM which was (I'm quite sure) installed in German from the start.
In case it matters…

We are using the style already since quite some time for gpg4win-5. I keep this ticket open for now for further adjustments (e.g. removal of workarounds added for other styles).

I'm wondering how we display valid signatures with not certified certificates. Those should probably be white (because there's no problem with signature or certificate, but signatures of uncertified certificates are as good as no signature at all.)

In T6869#200687, @ikloecker wrote:

Most of the texts (most are proper sentences) lack a full stop. It's unclear whether this is a bug in the German translation or also in the original texts. This should be fixed.

I can't see any documentation that a value of 0 disables the cache. The user might have used some undefined behaviour. For example in the old code we did a housecleaning when we were idle but the new code uses a timer and another thread for flushing the cache. We could open a feature request to entire disable the cache but I bet that we will get a lot of new bug reports because users will then need to enter their passphrase too often for one operation.

i added single/valid/disabled and single/valid/revsubkey to the screenshot table:
https://dev.gnupg.org/T6869#200682

It's not my intention. I didn't know the feature of disabling caching by max-cache-ttl to 0.
Well, it's a regression if a user intends so.

btw, my clue was that in that last --check-sigs, if i used --debug-all i got this:

This affects certification-only primary keys when doing web-of-trust calculations.

works for me, thanks

In T6869#200695, @timegrid wrote:

so the non working automatic match of data.sig -> data is another bug?

You cannot trust any signatures made with a compromised key because the signature creation date can easily be forged.

Then why don't we add at least the red background (and maybe an X) instead of the warning sign symbol and no color?

Backported for VSD 3.3.x

so the non working automatic match of data.sig -> data is another bug?

You cannot trust any signatures made with a compromised key because the signature creation date can easily be forged.

In T6869#200687, @ikloecker wrote:

Most of the texts (most are proper sentences) lack a full stop. It's unclear whether this is a bug in the German translation or also in the original texts. This should be fixed.

In T6869#200689, @timegrid wrote:

It's weird that in the "multiple / mixed / split" case the full paths of the files is used even though all files seem to be in the same folder. This isn't really that important.

This is always the case, when the sig file is selected for verification (compared to the verified file itself). Makes probably sense, as the file to be verified needs to be selected explicitly and could be in a different path.

In T6869#200688, @ebo wrote:

One thing: The message for the valid signature from a revoked key looks less worrisome from the user perspective as an invalid signature. Is this intended?
One does not see here if the signature was made before or after the revocation. In the latter case the signature can not be trusted for sure. In the first case it might be ok.

Could we maybe add the time of the expiry or revocation in the message?

In T6869#200682, @timegrid wrote:

• the Show Audit Log link will open the log only on the second click

It's weird that in the "multiple / mixed / split" case the full paths of the files is used even though all files seem to be in the same folder. This isn't really that important.

One thing: The message for the valid signature from a revoked key looks less worrisome from the user perspective as an invalid signature. Is this intended?
One does not see here if the signature was made before or after the revocation. In the latter case the signature can not be trusted for sure. In the first case it might be ok.

Most of the texts (most are proper sentences) lack a full stop. It's unclear whether this is a bug in the German translation or also in the original texts. This should be fixed.

tests with vsd still needs to be done

the changes themself look good to me on gpg4win-5.0.0-beta167@win10

Lucas Mülling commented yesterday on gnupg-devel:

yes please!

looks good to me on gpg4win-5.0.0-beta167@win10

The status bar is now updated in case the VERSION file is loaded after the main window was created.