Thinking again about this my hypothesis is:

Backported the latest change for VSD 3.3

I wasnt aware of this either, but it would be good since we currently don't have a file extension listed explicitly for pgp keys, even though we register one and have the strings already to handle downloading keys where the server transfers application/pgp-keys as information. While https://support.microsoft.com/en-us/windows/common-file-name-extensions-in-windows-da4a4430-8e76-89c5-59f7-1cdbbc75cb01 recognizes it as Microsoft Publisher file wikipedia says PGP Public key but without a citation. If AllowSilentDefaultTakeover is not set, the following code will not automatically change .pub to kleopatra. Instead in microsoft publisher is installed, it will ask you for the first time when a .pub file is opened after installing Kleopatra if you want to keep opening the files with Microsoft Publisher or if they should be opened from now on with IKleopatra,.

In T7434#195318, @ikloecker wrote:

I'm wondering what happened (or why nothing happened) between the exit of gpg-agent[2816] at 10:11:12 and the start of gpg-agent[6492] at 10:12:00.

Really. I do this for PGP files but I have not seen that elsewhere.

There is consensus that the issue T7434 must be resolved in the backend, where it originates.

There is consensus that the issue T7434 must be resolved in the backend, where it originates.

Tested with a Gpg4win-Beta and VSD-3.2.94.474-Beta:

https://invent.kde.org/pim/kleopatra/-/merge_requests/337

I edited the task accordingly. Here I meant Notepad. But I would also add this as an idea / improvement for the clipboard if this should get improvements.

Ingo prefers to hide the origin by default, so please make this one change so that the UID tab columns looks like this by default:
Name, Email, Trust Level, [Origin], [Tags]

In T7362#195689, @alexk wrote:

Yes, automatic scanning of the clipboard is not good. I withdraw the idea.

I am not sure if it helps if I comment, I just saw that this is issue cropped up again, and although we might be seeing different problems since other reports like T6623: Kleopatra hangs "Loading certificate cache" on Windows 10 T4581: Kleopatra stuck in loading the certificate cache are about indefinite hangs. (Was a timeout added in a generic place recently?) I just hope that at one point the underlying cause for this is found and resolved instead of hiding the symptom each time we find a way to reproduce this a bit better. Seeing T7437 and T7438 in which I commented a bit more made me sad that this is still not treated as a GnuPG issue.

To explain why I have not changed this, even though we have observed these hangs for years. I have never been able to reproduce a hang or issue without Kleopatra and only GPGME and only through keylistings. I just looked and still had the scripts I used for testing to mimic the calling pattern of Kleopatra lying around since this code is also run each time the security approval dialog is shown in Outlook.

I agree here with Werner. Changing the fronted to workaround locking / timing issues in the backend like in T4505: SM, W32: GPGSM hangs up the GnuPG System T6323: Kleopatra: Import multiple certificate files one after the other might be necessary in the short term to make a release possible. But even if, like in T6323 the code which avoids the issue is better this should rather be the last resort or done after doing a fix in the backend or to avoid the issue with older versions. I just wanted to comment because I clearly remember that in T6323 I was very glad to finally have a way to reproduce a deadlock with a high probability and then very frustrated that the issue was left in the backend and only hidden in Kleo.

In T7437#195688, @werner wrote:

I don't really understand the problem. After all gpg-agent seems to be started using gpgconf --launch gpg-agent which should handle the locking properly.

I think then we could also include this idea: https://dev.gnupg.org/T5006#195230
And thereby show this information for notepad imports, too.

If we're looking at changing this workflow, we could also consider how those dialogs (especially the "Certificate Import Result") dialog relate to the "Imported Certificates" tab - maybe we can find a way of showing both the relevant contents of the tab and the dialog in a unified view and then no longer need the dialog

All changes proposed here have been implemented. I do plan more changes, but will put them in separate tickets

Yes, automatic scanning of the clipboard is not good. I withdraw the idea.

I don't really understand the problem. After all gpg-agent seems to be started using gpgconf --launch gpg-agent which should handle the locking properly.

VS-Desktop-3.2.94.474-Beta:
This is, what it looks like after generating the first key in a fresh installation:

Maybe we could join the two dialogs, i.e. add the additional text and the Certify button to the import result window.

On the other hand might 2 pop up windows after an import be annoying…
Although the second window has a "do not show again" option.
Any suggestions?

The title says "notepad". The description says "clipboard". What do you want?

Additionally permanently watching the clipboard for changes can cause some password managers to detect an "attack". As it is discoverable which application accesses the clipboard on windows we had the case where a password manager would not work when Kleopatras clipboard watcher was running. T6642

I think we have to use multiple different texts instead of assuming that we can use something general as "Detailed import results from %1" which fits all cases in all languages.

ok, then we leave it in the certifications tab like it is.
What about the Uid tab? Keep it like it is, which is: Name, Email, Trust Level, Origin, [Tags] ?
While I do not think that the origin need to be shown by default, I don't think it's really a problem, as this is the last column

My comment referred exclusively to Tobias's "In the future [...]" comment.

"Tags" are stored with certifications. Therefore, I think it's useful and makes sense to show the Tags column in the Certifications view.

This is what Tobias means:

Isn't the name of the tab showing the imported certificates "Imported Certficates" or something like that? The filter "All" shows all imported certificates. And when you select the filter OpenPGP you see the subset of imported OpenPGP certificates. Therefore, I don't think it makes sense to add a custom filter.

Gpg4win 4.4:

Some questions (wishes):

• Will the upload also be done to an configured LDAP Server?
• Can the upload-checkbox setting be configure via the Windows registry?

Gpg4win 4.4: ok, now the date of the main key is preset as the expiry date of the main key if it is less then 3 years in the future. Otherwise 3 years from now is preset.

Ok, I'm not asked, therefore I set this to done, but not resolved yet, as I'm not sure if the gpg version might have an influence.

Gpg4win 4.4:
Contrary to the task description are:
a) In the certifications tab the "tags" column is shown by default
b) in the UID tab, the "origin" column is shown by default (only the "tags" column is hidden)

The only difference that you should see in the UI is that there is no longer a menu that pops up when you drop files, asking you what to do with the files. So I guess, if things works fine as you described them, you can consider the ticket done

This ticket description does not give me anything to test.

tested with Gpg4win 4.4

tested with Gpg4win 4.4

This issue looks still the same from the user perspective as in the task description with Gpg4win 4.4. Therefore tagging it for gpd5x

Better a new ticket for the rest, see T7441

Works for me in an NSIS installer. The VSD beta thing also works with copied conf files.
(gpg4win-5.0.0-beta27 with some local mods)

This doesn't happen anymore now that we offer all valid user IDs and not just the primary user IDs.

I have created two subtasks for the two changes we could make in Kleopatra to avoid the gpg-agent startup race.

Neither gpg nor gpgsm start gpg-agent if the keyring is empty. That's why Andre made Kleo start gpg-agent explicitly so that people could get going with an empty keyring after inserting their (PKCS#15) smartcard.

Kleo needs this only because it wants to directly talk to gpg-agent via Assuan. For example to get smartcard infos. What about delaying this part until you have received some data back from gpg or gpgsm? This makes sure that the agent has been started.

Looks like there's something not correct in the completion model. Or we use different criteria for showing the blue "i" (as "information") which doesn't make it better. Reopen?

Yes, that's what happens. I did an experiment with waiting for gpgconf --launch gpg-agent to succeed, but the timeout of 5 seconds I used was too low and I didn't feel like increasing the timeout. Instead now we run gpgconf --launch gpg-agent detached.

Let me guess: Kleopatra starts the agent using gpgconf --launch gpg-agent which in turn uses gpg-connect-agent to actually start the agent if needed. Kleopatra does not seem to wait for the launch to succeed and fires up gpg and gpgsm. They both wait for the gpg-agent to be started and both use the same locking strategy. However, this involves a pseudo random wait which should avoid deadlocks. See gnupg/common/dotlock.c:next_wait_interval

This is long done, but only for Qt 6-based releases. Andre's comment T6663#175481 has also been addressed.