I would give this low priority. There is no way to prohibit that except if the user has no deletion rights on the file system. There are already multiple dialogs asking the user to confirm the secret key deletion. A user could by the same logic "Free up some space" in their local home directory and delete %APPDATA%.

ok, works with Version 3.2.2.2405000+git~ (Gpg4win-4.3.2-beta41).

As for renaming "Change Reset Code" to "Set Reset Code", what about "Change PIN" and "Change Admin PIN"? Should they also be renamed? If not, why not? Is there no default reset code? Is there a way to find out whether the reset code has already been set (in which case "change" would be more appropriate than "set")?

It's not tagged vsd33 and I didn't plan to backport this since it depends on other changes (T6787) that are master-only.

we are doing this for the last releases. The list of files can also be found in the repo now in gpg4win.mk.in

Will this be backported? Since the pgpcardwidget otherwise contains strings which are neither in master nor in kf5 I would say so.

Yes sounds good to me. Since we have the ability even in the full list view to filter for "only with secret" certificates. Regarding gpgme_set_sender. Only GpgOL uses this, we only really need it for TOFU I think. To leave that discussion / point out of this issue I created T7199: KMail / Kleopatra: Use gpgme_set_sender to add a hint which UserID was selected for a signature

ok, I like your proposal. To recap:

This behavior of the encrypt-to-others input field is intended. It avoids "Multiple matching certificates or groups found" errors if there is one current (good) certificate and one (or more) old expired certificates for an email address. There's a button to open a dialog listing all certificates so that the user can find a certificate they are missing in the input list's completion list. I think this is an acceptable compromise between making all certificates discoverable (even expired or revoked ones) and offering not too many irrelevant certificates. When the user selects a bad certificate in the selection dialog we should probably show a note that this certificate cannot be used instead of showing "Error: No matching certificates or groups found".

In T7183#188348, @ebo wrote:

I'm not sure if we are talking about the Encrypt-to-self drop-down or the Encrypt for others input fields. On the other hand, I see little reason to treat both differently.

At the moment they are treated differently. In the dropdown for encrypt-to-self no expired certificates are listed. encrypt-to-others does not have a dropdown. You are not able to find an expired Certificate by typing the name. But you can open the certificate list to chose from, where expired certificates are shown and selectable.

I'm not sure if we are talking about the Encrypt-to-self drop-down or the Encrypt for others input fields. On the other hand, I see little reason to treat both differently.

I agree with Ingo and Werner here. In summary

The ticket mentioned in the previous comment is T7190: Kleopatra: wrong claim of update in WKD for keys with no mail address.

Turns out

• the singular instead of plural in the German version is a translation thing and should now be fixed (but is not in the testversion beta35)
• there is another issue muddying the waters regarding search in WKD, for which I will create another ticket

rere 2: I agree as long as the expired certs are order behind regular certs.

Re 2.:

• I think expired user IDs should also be offered. Otherwise, people who forgot to extend the validity of their certificate won't find their certificate. Usability-wise it's better to offer the certificate and show a notice that the selected certificate has expired. I wouldn't differentiate between primary and additional user IDs.

In general, I question the usefulness of the tool tip for the certificate list. The information in the table is already very detailed and for more details there's the details view. Important information that's missing in the table shouldn't be hidden in the tool tip.

is there a keyring/password manager that is not dependent on a desktop environment that the terminal pinentry supports?

Now also done for libksba.

Done.

Done in 3.0.0.

Added in 3.0.0.

Different pinentries provide different options. The curses pinentry does not have that external password manager thingy. Mixing GUI and tty use seems to be a rare case.

The usability challenge does already exist today because Kleopatra allows to encrypt all files separately. Currently, all encrypted files are written to the same output folder. Which is highly problematic if some of the original files have identical names. Encrypting the individual files in-place would avoid the problem of name clashes.

The usability challenge here is what happens if the encryption does not work for some files in between:

Note that the origin stored for the key is for example required if a key is updated by fingerprint. In that case we don't known from which user ID to take the origin.

I updated the certificates of Werner, Andre and you and got as result "The certificates were updated.", i.e. plural, for both, keyserver and WKD. Singular could mean that only updates for one certificate were found.

Looking only at the text used, you get exactly the same messages used for single certificate updates, "The certificate has been updated" or "The certificate was not found.", both in the singular.

Querying WKDs for keys not retrieved via WKD leaks information, i.e. a (fake) WKD could track who is looking for keys. KDE's privacy-by-default policy doesn't allow such a setting to be enabled by default. (In VSD you can enable it for certain customers who don't have a problem with this.)

Note for testing: To reduce the PUK counter to 0 you have to enter a wrong PUK for "Unlock Card". The wrong PUK must have at least 8 characters. Otherwise, gpg-agent will consider the PUK wrong without even asking the smart card so that the smart card doesn't get a chance to reject the PUK and decrease the PUK counter.

And "But "Update certificate" does still not query WKD (not even after restarting Kleopatra.)" seems to happen because the setting "Query certificate directories of providers for all user IDs" wasn't enabled.

I can confirm that Kleopatra reports "The certificate was updated." when updating the certificate werner.koch@gnupg.com although gpgme reports "unchanged: 1" as ImportResult. Kleopatra even reports "The certificate was updated." under WKD for a locally generated test key that's not available via WKD. This should be fixed.

Tested with Gpg4win-4.3.2-beta25:

Tested with Gpg4win-4.3.2-beta25

I've talked to ebo about this and yes she will create subtasks for at least GPGME log an qDebug logging the GnuPG Logs can already disabled in the config so we dont really need it. Currently it looks like this and I find it rather confusing:

I confirmed that this is present in version 2.2.40 on debian as well.

respecting the "disabled" state is ready for testing; the rest won't be done on this ticket

The changes where backported for VSD33, but they have little to do with the original request. They only address https://dev.gnupg.org/T6072#167392

great, thanks!

correct, this only affects encryption

I assume you only implement this for encryption and not decryption. The latter should always be possible.

With caching, did you have something like this in mind?

The texts were changed as discussed in the linked MR. I haven't changed the order of the buttons.

Yes, I think we should support this. Also X448. Thanks for the report and the samples.

Go ahead and split it of, then. And setting a key to disabled in Kleopatra itself is not that urgent that it has to be in vsd33.

I think Kleopatra now respects the "disabled" state of OpenPGP certificates. I don't remember the outcome of our discussion about allowing to disable OpenPGP certificates from Kleopatra, but I think this should be split out of this ticket.