Thanks for the info. Yes, for the OpenPGP card we could use the ignore error approach.

News for 1.34:

These are hooks so that co-operative thread libraries (like ntph) are able to yield control to the system's thread's implementation.

Your home is under /dev/ - really? Please run

Set to high because it breaks a build.

In another project in the early 2000ies we had a lawyer from one of those Königsallee lawfirsm as partner. IIRC the estimated cost for a word trademark in the EU, US, and JP was in the range of 10k for just a couple of years.

I don't know why @BenM closed this bug given that he mentioned that the qt part is yet not solved.

Version of gpa and best also of gpgme? The latest gpa releases show that in the About dialog.
The installed version of gpg is also of inetrest. In a shell enter "gpg --version".

Right. We won't change that though. Sorry.

Please never ever define NDEBUG. This is a severe misfeature of the assert macro.

Thanks. The mail is a standard, non-crypto mail with one attachment. That attachment is a TNEF file which has according to ytnef(1) just one file. That file has the name gpgolPGP.dat and contains a clearsigned message.

Is it possible that you upload or send me a copy of such a mail (wk gnupg.org)? ZIP or tar the eml file and send it in an encrypted mail to me to make sure it won't be modified on the transport.

I think we should stick with the syscall for Linux.

FWIW, the canonical way to make sure that gpg-agent has been started is to run

A list of SHA-1 fingerprints for the valid certificates. With our without colons.

I had to look it up in the code and man page too ;-)

See T4293

With GCRYCTL_AUTO_EXPAND_SECMEM we won't anymore run out of secure memory. This has even silent been backported to 1.8.x (using the numerical value of that constant) and is for long an option of gpg-agent. Thus closing.

Closing, given that we implemented a general solution; see the parent task.

I have seen no responses on your two mails to the ML and given th athere is no concrete protocol bug, I close this issue. If you can show a concrete bug please re-open this issue again.

I don't think that this is a good solution for a problem we could solve much easier but fear to do that due to kind of crypto politics.

Is using

The usual reasons for corruptions of binary data are FTP transfers in text mode; or opening a file with a Windows editor.

NEWS are:

Interesting idea but it does not help against attacks because all root CA are considered equal (virtually cross-signed). Thus a single not checked root CA allows to subvert all certificates.

Thanks.