Well, Werner is just back so he can say more.
An excellent reviewer was Stephan Müller from atsec. He is also involved a bit afaik in the kernel random development.

Hi, gpg4o does not send PGP/MIME (the proper format for including attachments and no encoding problems). As such it does not have the Problem described here. You can use "Send PGP Mails without attachments as PGP/Inline" in the options of GpgOL to have something similar. This will also work for Kopano.

Done.

I've updated the README and added example mainifests.
Make dist is also updated I could build the extension and webpack it from the dist package.

I'm not sure that I understand your Problem. It might be helpful if you could provide screenshots of your problem so that we can better understand it.

We are not a CA and do not provide certificates.

There is currently no ECC key support in the S/MIME component of Gpg4win. I've edited the task a bit to reflect that. So it is impossible to generate an ECC Key for S/MIME with Kleopatra.

Got a new OL 2013 test setup where this was finally reproducible for me.

Thanks for the tests and the report.

This seems very special and I'm not sure if we should not say at some point that we won't add quick commands for everything ;-)

The crash on send should be avoidable by checking "Disable async encryption" in the options.
Yesterday I got a new OL 2013 test system with which I can reproduce the crash. So that will be fixed or worked around for the next release.

Sure, this should work, local keys are preferred.

No you can not use an "external" Web Key Directory. The point is that the provider (your domain) should be the source of the keys as it already manages the mail account. ( For more info see: https://wiki.gnupg.org/WKD )

Thanks for the report. I've commited a fix. (Returning the c_str here is ok as the data is not meant to be modified once "action" is called)
Please let us know if you find additional issues.

I misunderstood your original report.

Patch applied. Thanks.

I think that the ultimate decision here lies with Werner. Additional review.
I think the biggest obstacle is that we don't want to change the random gathering code if it can be avoided and that the random code has been thoroughly reviewed / tested and is currently considered secure.

I do not see the harm in this patch and it seems useful. Indeed it seems better then making a directory in tmp as this might create regressions for others.

Indeed. Thanks for the reminder.
There is some code currently in there already but its not yet fully implemented. Needs to be finished.

In the current gpg4win-3.1.3 beta 20 this is enabled again. It can be disabled in the options with "Disable non-blocking encrypt / sign"

I made it optional for now with default on. So that if it crashes it can be disabled. We need to see if the crash is a general problem or a special problem of that one tester.

This was fixed with kleo rev 289efa360f6b15a3389ea2f2efede352711e7d7e

We disabled the codepath that required this for now. Lets see how it works.

I can't reproduce this. When I make Dirmngr offline I correctly get a No CRL known error. So it must be something different.