- Queries
- All Stories
- Search
- Advanced Search
- Transactions
- Transaction Logs
All Stories
Feb 15 2024
Seems to be a small problem with the regex used for extracting the gpg4win version number from kleopatra's version number. See https://invent.kde.org/pim/kleopatra/-/merge_requests/117/ for fix and details.
My suggestion is to define all filters in libkleopatrarc instead of defining some filters in the C++ code.
Portable Apps are a Bad Idea because they bypass important security mechanisms. In any case please tak such discussions to a mailing list and please do not use the bug tracker for this. The audience of bug reports is pretty limited.
Talked to werner about this. We will but the list of signed files into the Gpg4win repo proper to that signing is part of the normal Gpg4win release (of course only if you have a signing key configured)'
Isn't the kleopatragroupsrc just such a config file?
Quick hint how to test a fix given that the versions.gnupg.org currently does not carry an entry for gpg4win.
These actions/commands or, more precisely, the documents those commands show, are only available in the commercial GnuPG VS Desktop release.
Ingo came up with the idea to put all the filter definitions in a config file in the GNUPGHOME.
The validity column does not contain that information in case only the encryption subkey has expired.
As is the case if people extended an expired keypair via Kleopatra with VSD up to 3.1.26.
This is basically done although not exactly as proposed here.
But WKD and Keyserver search are now combined. With WKD search only if you configure keyserver "none".
Werner wants the import via gpg-agent
Thank you for the report. There was a problem in: rG845d5e61d8e1: dirmngr: Cleanup the http module.
Pushed the fix in: rG04cbc3074aa9: dirmngr: Fix proxy with TLS.
In master, I applied changes for include files which don't harm current target of MinGW-64.
It's true that under $GNUPGHOME (~/.gnupg/), there are multiple things: configuration files, user-specific data files (private keys, public keys, the trust database, and revocation certificates), user-specific state files (like the lock files and random seed), possibly runtime sockets, and executable/script for card reader. Some careful handling might be needed for making backup and doing version control for that.
Feb 14 2024
Yeah I also signed all the binaries for the last Gpg4win release (4.2.0). I think we should support the case that only signed binaries are allowed on a system.
I guess that's what it is called. A person in the forum told that GpgOL could not be loaded in Outlook and saw that the signature is missing in the new version. But it was there in version 4.2.0. With the command Get-AuthenticodeSignature I could confirm that this is the case.
You mean the Authenticode signature? Afaics, only the gnupg files come with such signatures.