Should be fixed. A copy of an older version of pinentry's source code that can be built with Q4 is now included and will result in a pinentry-qt4 executable. Note that while we won't break this pinentry intentionally we won't maintain it either.

Note to self: T6100: Kleopatra: Make revocation of certifications accessible may be obsolete when the improvements are completed because then the dialog will most likely be gone.

If the user cannot revoke any of the certifications of the selected key or user IDs, then we now inform the user about this instead of showing the dilaog.

We now propose "<fingerprint>.rev" in the last used export directory as file name. This is the same file name as for the revocation certificates that gpg automatically writes to the openpgp-revocs.d folder when a new OpenPGP key is generated.

I have kept a backup copy of a WKDRefreshJob locally. ;-) But that's stuff for a different task.

Looks good. After entering a wrong passphrase three times Kleopatra now reports

Moving the key to the card failed: Bad passphrase

gpg was waiting for the passphrase for the signing key to be provided via stdin.

See T5903: Kleopatra: Add refresh button in certificatedetails for the corresponding Kleopatra task. Kleopatra now uses the good old ReceiveKeysJob for doing a key refresh from the configured key server. The RefreshOpenPGPKeysJob has been removed.

For an OpenPGP key, Update now performs a simple "retrieve key" operation for the existing key, i.e. it refreshes the key with the public key found on the configured key server.

Did you restart Kleopatra after enabling the high contrast mode? I have implemented that Kleopatra doesn't change/set any background or foreground colors if high contrast mode is detected. Maybe the detection (in SystemInfo::isHighContrastModeActive) doesn't work.

All issues were addressed.

Okay. I do a KeyListJob with key list mode GpgME::LocateExternal which does the equivalent of --locate-external-keys and that depends on the auto-key-locate mechanisms which could include keyserver and other mechanisms besides WKD.

The lookup by email address is supposed to be done via WKD. Obviously, a lookup by fingerprint wouldn't work. And yes, obviously this may import additional key via WKD.

The original issues have been addressed. Moreover, the actions are now available as buttons additionally to being available as context menu items.

The OpenPGP-related changes mentioned in T5832#161063 have been implemented.

I think this was mostly covered with T5362: Kleopatra: Add warning in compliance mode if gnupg version is not compliant and T5653: de-vs and GnuPG 2.3.3 error.

As discussed with Andre we streamline certificate generation as follows:

• We remove the "Choose Type of Key Pair" dialog.
• We replace the "New Key Pair" entry in the main menu with "New OpenPGP Key Pair" and "New S/MIME Certification Request".
• For OpenPGP, we replace the result dialog with the "Next Steps" buttons with a simple success message box.
• For S/MIME, we immediately show a Save File dialog instead of the result dialog.