with VS-Desktop-3.1.90.258-Beta the ü is still broken for "Zeitüberschreitung" in the error window which occurs in the context of keytocard:

This may be related to the output PIN retry counter : 3 0 3, i.e. the PUK counter is 0. No idea what this means.

as this really bugs me, I raise the prio.
And add the Kleo tag, as Werner said it might be that Kleopatra is responsible.

works with VS-Desktop-3.1.90.258-Beta

With VS-Desktop-3.1.90.258-Beta I ran again into the last issue with "Wrong PIN". I had not realized that I had entered the PIN wrong before (as you have to enter the PIN several times anyway when generating a new key on a card and you do not get an error message on wrong PIN but instead only a new pinentry window...).

works

with VS-Desktop-3.1.90.258-Beta, CSR creation is now greyed out for RSA2048, while it is offered and works for other algorithms

CSR creation works now (tested with VS-Desktop-3.1.90.258-Beta, Yubikey and OpenPGP card)

hmm, almost. With VS-Desktop-3.1.90.258-Beta I do not get an error any more, a key is generated. But the "vaild until" date is off by one day, it is one day later as the one given at key generation.

works, the secret part is now imported, too, tested with VS-Desktop-3.1.90.258-Beta

works: my brainpool X509 testcertificate is shown as compliant

For the VSD branch it works, VS-Desktop-3.1.90.258-Beta

In VS-Desktop-3.1.90.258-Beta it is "no space left on device" now in the encrypt/verify window.

At the moment we have a green background for the results of a decryption and/or verification, if it was successful.
This does not work with high contrast mode.

and it is also confusing that you can choose the key for signing in Kleopatra, it is displayed with a green check mark but then you run into an error:

yes, fixed

The original issue was to unclear to analyse and it was likely meanwhile fixed. For the other issue see the follow up ticket.

The debug/workaround option works: When the option is checked, opening the msg file will not change its date.

With VS-Desktop-3.1.90.246-Beta I can not import the secret part of the edward.tester@demo.gnupg.com.p12 Testkey (ECC brainpool).
I do not see any error message.

works: installed VS-Desktop-3.1.90.246-Beta with

it was decided to write the encrypted archive with ending .part and only rename it at the end. In this way the users can't think they have a valid encrypted archive

Well I have looked at this ticket and posted a comment. We should talk about if there is anything left to do or not. I suspect that the gpg side is done and I should open one (or probably better several) ticket(s) for the kleopatra side.

works now with VS-Desktop-3.1.90.246-Beta

The error message in Kleo is now (with VS-Desktop-3.1.90.246-Beta) "Broken pipe". But in the linked error protocol you can find the gpg error message "no space left on device". So I would find this message acceptable.

As what I see is similar as what Andre saw, I'll describe it here. Please check if this is relevant.
After the above mentioned Ticket was resolved, I tried the exact same encryption in Kleopatra on the same Test-VM.

works!

Well, neither OpenPGP certifcate nor CSR creation from a key on a card is offered for any of the cards I tried.
But that is not only for RSA2048, but for all types of keys.

This is probably a duplicate of T6325

works

related to T6325

For Yubikey it looks the same for me, the CSRs creation buttons are always greyed out (checked for RSA 2048, 3072, brainpool)

On Yubikey and OpenPGP card, OpenPGP creation is possible for RSA2048, too.
Key creation on Yubikey with Curve25519 fails with "General error", it is not disabled in Kleo.
On the Zeitcontrol OpenPGP card it is not offered (but it does not have the capability, anyway, AFAIK)

As I have installed several test versions on Windows since and did never notice a self test during usage, this obviously works

TeleSec NetKey v3 cards are accepted, for NetKey v2 you get the error message "NetKey v2 cards are not supported".

With current VS-Desktop-3.2.0.0-beta229/231 this does not work for me. Neither for RSA 2048 nor 3072.
The CSR buttons are greyed out

Choosing Curve 25519 results in a general error btw.

works, either name or email is enough

fwiw: For a Netkey 3.0 card with expired RSA 2048 certificates, CSR creation is not offered.

closing this ticket, diagnostic output is there, for improvements see T6749

The error dialog has the "Show Audit Log" button now and it shows error messages but now the user gets two audit logs:

And the filter for the key selection has to be checked. Also compare T6743

We decided what aheinecke wrote before: The key group name should be displayed with a red X and the encryption button should be disabled as long as encryption is not possible.

We decided to use the blue symbol for such a not compliant key in the VSD version

We discussed and decided that "can encrypt" should determine if an encryption subkey exists for a key in the keyring associated with the given email address.

works. In current VSD-testing-Beta.

Works, the expected behavior from the description is shown.

With the current Beta VS-Desktop-3.2.0.0-beta229/231 the tags in the tags column in the certificate list are always shown, regardless of the configuration option "show tags of certificates". Only the tag of the primary UID is shown there (which makes sense, IMHO).

The new "no 509 certificate" message box comes up always when restarting Outlook and then immediately composing and sending a message, even when the user has a certificate.
-> add a check if the cache is already loaded in GpgOL