We are now generating a key with whatever defaults gpg uses.
- Queries
- All Stories
- Search
- Advanced Search
- Transactions
- Transaction Logs
Feed Advanced Search
Advanced Search
Advanced Search
Nov 10 2023
Nov 10 2023
• aheinecke moved T6701: GpgOL: Use GPGME_ENCRYPT_ALWAYS_TRUST from Backlog to QA on the vsd32 board.
We discussed this at length again. I would not veto a change that would allow users to encrypt to expired S/MIME certificates but the main use case I had in mind here was with regards to "Some error" happening when encrypting ( like T6545 T6398 ) . So that in the keyresolver everything is green but you cannot encrypt. Or that you have an incomplete certificate chain or an untrusted root certificate and it will take your administration some weeks to mark that as trusted. That makes this feature a bit hard to test so ebo mostly tested with expired certificates. (And I know that technically you can't verify if a cert is expired or not if you have an incomplete chain). A better test will be with a fully valid cert that has an unreachable CRL distribution point. I have such a cert and will give it to ebo. So she can test again and if that works as intended -> Key resolver green -> Error -> Allow to encrypt anyway but not vs-nfd compliant. I think we can set this issue to resolved.
The whole question regarding expired / non expired is a different topic on which, as I said, I changed my mind. You can easily explain to users "You cannot encrypt to expired certificates" but you cannot easily explain "you cannot encrypt to support@greenbone.com because they have unsupported cert extensions in their certitifcate"
• ebo moved T6584: Kleopatra / Gpgtar: Cancel on encrypt leaves a broken archive behind from QA to WiP on the vsd32 board.
• ebo moved T6584: Kleopatra / Gpgtar: Cancel on encrypt leaves a broken archive behind from Restricted Project Column to Restricted Project Column on the Restricted Project board.
I disagree. We already talked about this and we should proceed as planned.
Nov 9 2023
Nov 9 2023
• ebo moved T6584: Kleopatra / Gpgtar: Cancel on encrypt leaves a broken archive behind from WiP to QA on the vsd32 board.
• ebo moved T6584: Kleopatra / Gpgtar: Cancel on encrypt leaves a broken archive behind from Restricted Project Column to Restricted Project Column on the Restricted Project board.
This is an incarnation of T6685 while we decided to deprecate that job we did not open a ticket to do it and forgot about it. So we did not notice that it was still used in the keyapprovaldialog. Fix is to replace it there with the correct key generation job.
We consider rsa2048 as compliant until the end of this year; this is required due to the Telesec smartcards. However, we should never create such a key and kleopatra does not allow this.
Nov 8 2023
Nov 8 2023
• werner triaged T6802: Trying to sign with a brainpool X509 key results in non-compliance error as High priority.
• werner moved T6802: Trying to sign with a brainpool X509 key results in non-compliance error from Backlog to WiP on the gnupg22 board.
• werner moved T6802: Trying to sign with a brainpool X509 key results in non-compliance error from Backlog to QA on the gnupg24 board.
• werner changed the status of T6802: Trying to sign with a brainpool X509 key results in non-compliance error from Open to Testing.
• ebo added a comment to T6802: Trying to sign with a brainpool X509 key results in non-compliance error.
for comparison, the command without compliance enabled:
Well the icons are there. So I don't think this needs more QA.
Test version is available intern.
Nov 7 2023
Nov 7 2023
• aheinecke lowered the priority of T6799: Kleopatra configuration files in wrong places from High to Normal.
When I created the GnuPG VS-Desktop MSI Package I messed up and forgot about a file that Gpg4win writes where to place the config files.
Oct 31 2023
Oct 31 2023
• ebo closed T6750: Kleopatra: Offer only compliant algorithms for key generation on smart cards in VSD as Resolved.
works
Oct 30 2023
Oct 30 2023
• ikloecker moved T6750: Kleopatra: Offer only compliant algorithms for key generation on smart cards in VSD from Backlog to WiP on the vsd32 board.
• ikloecker moved T6584: Kleopatra / Gpgtar: Cancel on encrypt leaves a broken archive behind from Backlog to WiP on the vsd32 board.
• ikloecker added a project to T6584: Kleopatra / Gpgtar: Cancel on encrypt leaves a broken archive behind: vsd32.
• ikloecker placed T6721: QGpgME: Create archive as .part and rename on successful creation up for grabs.
• werner moved T6721: QGpgME: Create archive as .part and rename on successful creation from Backlog to WiP on the vsd32 board.
• werner reopened T6721: QGpgME: Create archive as .part and rename on successful creation as "Testing".
• werner added a project to T6721: QGpgME: Create archive as .part and rename on successful creation: Restricted Project.
• werner moved T6721: QGpgME: Create archive as .part and rename on successful creation from Backlog to QA for next release on the gpgme board.
• werner edited projects for T6721: QGpgME: Create archive as .part and rename on successful creation, added: gpgme; removed Restricted Project.
• werner added a project to T6721: QGpgME: Create archive as .part and rename on successful creation: vsd32.