works!
- Queries
- All Stories
- Search
- Advanced Search
- Transactions
- Transaction Logs
Advanced Search
Oct 13 2023
Oct 10 2023
Well, neither OpenPGP certifcate nor CSR creation from a key on a card is offered for any of the cards I tried.
But that is not only for RSA2048, but for all types of keys.
Oct 9 2023
This is probably a duplicate of T6325
works
related to T6325
For Yubikey it looks the same for me, the CSRs creation buttons are always greyed out (checked for RSA 2048, 3072, brainpool)
On Yubikey and OpenPGP card, OpenPGP creation is possible for RSA2048, too.
Key creation on Yubikey with Curve25519 fails with "General error", it is not disabled in Kleo.
On the Zeitcontrol OpenPGP card it is not offered (but it does not have the capability, anyway, AFAIK)
As I have installed several test versions on Windows since and did never notice a self test during usage, this obviously works
TeleSec NetKey v3 cards are accepted, for NetKey v2 you get the error message "NetKey v2 cards are not supported".
Oct 6 2023
With current VS-Desktop-3.2.0.0-beta229/231 this does not work for me. Neither for RSA 2048 nor 3072.
The CSR buttons are greyed out
Choosing Curve 25519 results in a general error btw.
works, either name or email is enough
fwiw: For a Netkey 3.0 card with expired RSA 2048 certificates, CSR creation is not offered.
Oct 5 2023
closing this ticket, diagnostic output is there, for improvements see T6749
The error dialog has the "Show Audit Log" button now and it shows error messages but now the user gets two audit logs:
And the filter for the key selection has to be checked. Also compare T6743
We decided what aheinecke wrote before: The key group name should be displayed with a red X and the encryption button should be disabled as long as encryption is not possible.
We decided to use the blue symbol for such a not compliant key in the VSD version
We discussed and decided that "can encrypt" should determine if an encryption subkey exists for a key in the keyring associated with the given email address.
works. In current VSD-testing-Beta.
Oct 4 2023
Works, the expected behavior from the description is shown.
With the current Beta VS-Desktop-3.2.0.0-beta229/231 the tags in the tags column in the certificate list are always shown, regardless of the configuration option "show tags of certificates". Only the tag of the primary UID is shown there (which makes sense, IMHO).
The new "no 509 certificate" message box comes up always when restarting Outlook and then immediately composing and sending a message, even when the user has a certificate.
-> add a check if the cache is already loaded in GpgOL
For the Berta Key in the Testversion: *After* entering the Password for the signature, the new GpgOL message does show. When I choose "Retry" in spite of the warning, the mail is send out encrypted.
So I was only confused because I did expect another order of events. Something seems redundant and confusing here:
First you are shown the security confirmation dialog an click on OK (with the small warning sign and "not compliant" next to it), then you are asked for your password (if it is not in the cache) and then you get the new Warning message with the option to "Retry". Although you already in the first dialog chose to encrypt non-compliant.
Btw: The error message from gpg is for me not "end of file" instead it is: "Syntax error in URI"
If I repeat this with a totally empty keyring, I get the new message regarding the missing signing certificate.
With this certificate I do get the security confirmation dialog without "always show" on, but still no new message box.
Without "always show" I get a pinentry immediately after hitting "Send". So no warning.
I realized that I still had "always show confirmation dialog" on... When I turn that off I get the default error message, but with encoding errors:
(I'll take care of the line break, btw)
I do not see the default error message, not even with a new, totally empty keyring.
I immediately get:
Oct 2 2023
I had a look at the current state (VS-Desktop-3.2.0.0-beta229/231 from 2023-09-29):
again aheinecke:
aheinecke wrote regarding not showing the group at all (https://dev.gnupg.org/T6401#175847):
This is in contrast to the behavior for "single" keys. An expired key is not listed as available for encryption at all.
Sep 29 2023
Yes, works now ( VS-Desktop-3.2.0.0-beta from today):
works, I only see the error in debugview.
Furthermore, I use the occasion to point to T6493, Improvements on search window ;-)
works: After generating a PIV key
gpg --edit-card
nevertheless shows the OpenPGP keys. Tested with gpg4win 4.2.0.
Sep 28 2023
works as described
For me with Gpg4win 4.2.0 it works as expected, that is all UIDs which have a checkmark are certified in one go, entry of password only once. Used the key given in description for the test.
After the fix everything after the Signature block is now silently discarded
works
works
Sep 27 2023
works
works, VS-Desktop-3.2.0.0-beta214
This is NOT the bug reporting form. You will find the form at https://dev.gnupg.org/maniphest/task/edit/form/5/
Edit: The text below was wrong. The error given below only occurs when the combined path+filenmae is to long on windows.
An emoticon in a file below the folder to be encrypted does not hinder encryption via GpgEX.
Sep 26 2023
works, tested with VS-Desktop-3.2.0.0-beta214.
For the remaining issue with a certain date range see T6736
The choice in the calendar "widget" changed to in 1/2/3 years in all cases. Those options work but the last choice "no date" has no effect.
Works, setting "compatibility-flags vsd-allow-ocb" in the gpg.conf causes new keys to be generated with the AEAD feature flag OCB. And encryption to that key then uses OCB mode as long as the compatibility-flags is set.
Sep 25 2023
Sep 22 2023
Encryption to the ADSK seems to work but I'm not sure if everything is displayed as expected.
How about adding "-2" to a document where before _signed already was in the name, i.e. foo_signed.pdf -> foo_signed-2.pdf and so on: foo_signed-3.pdf, ...
works with VS-Desktop-3.2.0.0-beta214, too.
You are now informed that you do not have permissions to write there.
For VS-Desktop-3.2.0.0-beta214 this does not work yet. If a keystub exists, it is not overwritten.
Kleopatra now shows:
Sep 21 2023
works in 22, too (tested with VS-Desktop-3.2.0.0-beta214)
Does not work yet on VS-Desktop-3.2.0.0-beta214:
Tested in VS-Desktop-3.2.0.0-beta214 by encrypting a large file with Kleopatra. The progress bar shows percentage finished, progress looks all right
I've added a footnote in the VSD user documentation regarding this difference as a very minimal measure and a reminder for support.
Could we then clarify this for the user somehow? Maybe both
a) add "Sign/Encrypt Folder" to the default menu bar - it would need an icon added for that, too
b) make it clear in the documentation