- Queries
- All Stories
- Search
- Advanced Search
- Transactions
- Transaction Logs
Advanced Search
Mar 22 2024
Sorry I just noticed that I mixed up the duplicate closing. I wanted to close 7050 as a duplicate of this and not the other way around. Since this description was more general and better.
Just to triage this
Mar 21 2024
Mar 15 2024
Mar 13 2024
Mar 12 2024
Isnt this more of a task for werner? But if you could create a patch that would be great, too
this should be easy since we already start gpg-agent on start
needs to be fixed soon. But we don't have a tag for Gpg4win 5 or whatever we call a kf6 based gpg4win.
Mar 8 2024
Mar 6 2024
Mar 4 2024
Feb 25 2024
Thanks for the rort
Feb 22 2024
I already mentioned the exact same thing in T7004 and this user also used the wiki style of the bug report form at first to report a bug. That is why I took the extraordinary step of blocking him.
Feb 21 2024
Too similar to T7004 I have disabled this user.
Feb 20 2024
@jmrexach I think I undestand now @TobiasFella can you have a look please?
Hi,
please use English in this tracker. At least using an online translation service.
Yes we could add that. Okular has this actually. For now we were Happy to go with the system default in the last version :)
I cannot reproduce this. If I right click the tab I can rename it just like every other tab. The tabs do not change their names based on the current filter that is used that is only their default name. And the default for the first Tab is "All Certificates"
Yes, basically these actions check if the underlying document is there and if not they make themself invisible. But then they should not be in the menu in the first place. But I believe the impact of this is rather low.
This seems to depend on the Platform theme. Under Windows I get the same results as you on linux It works fine with me
since we are currently in the process of upgrading our UI Framework we will need to recheck this. To avoid too many duplicates in the tracker I will merge this ticket into our general "revisit dark mode" task T6076: Kleopatra: Many icons are hard to see if the dark high-contrast mode is activatedFeb 19 2024
Mh, the problem is that this is really a speciality feature which KMail currently has, that you can configure for a contact to prefer S/MIME over OpenPGP even though you have both keys.
Feb 16 2024
Feb 15 2024
Talked to werner about this. We will but the list of signed files into the Gpg4win repo proper to that signing is part of the normal Gpg4win release (of course only if you have a signing key configured)'
Isn't the kleopatragroupsrc just such a config file?
Feb 14 2024
Yeah I also signed all the binaries for the last Gpg4win release (4.2.0). I think we should support the case that only signed binaries are allowed on a system.
I have disabled update notifications for now. We can reenable them with the next Gpg4win release when we fix Kleopatra to again query for the Gpg4win version and not for the Kleopatra version. I am leaving this open to fix just that in Kleopatra. If you now go under help -> check for updates it won't show you an update anymore.
Will do. Thank you very much.
I give this low priority because in my view users should not initiate file encryption by launching Kleopatra. I still hope that most users should not even realize Kleopatra exists and only interact with it through the dialogs. Putting the action in the toolbar is also already possible through configure toolbars. I rather would find it more confusing to have two encryption buttons next to each other.
Giving this the same priority as the parent task.
Feb 13 2024
Ah, sure that also makes total sense, I thought you wanted it disabled if it did not extend all subkeys.
You have to restart once. Then it goes away. We can't do much about this since we load the icons etc. at startup and don't have dynamic color changing. It might be better with the next Version which will update our UI Framework but no promises. I leave it open for now so that is a known issue.
Ikloeker is our resident accessibility expert and Kleopatra has a certificate for accessible software so I agree that we should not change it. Or is there a specific issue / condition for you that makes this extra hard to read?
I need to investigate why this happens. Maybe we can as a workaround fix it on our server side without the need for a new update.
If things start unexpectedly you already went to the console to change it or already changed it in the subkey view. Otherwise it is too intelligent for my tase since I have subkeys for example with different expiry dates. But nearly all users won't have that. I think the current solution is good. But @ikloecker can you change it please to +/-1 one hour you are right that the time window is too short.
Feb 8 2024
@TobiasFella Since werner, ebo and ingo will be only talking about the smartcard related issues next week, I think there are plenty of nice jobs here :)
Feel free to fix this
I think the attack ingo talks about would mostly be covered by checking if the file already exists before moving it into the private directory.
In E1020 @TobiasFella wrote about this: Sizehint is correct, but only at a later point in time; also, apparently some cache invalidation problem? Since the current version works fine with a fixed size, might not be worth the effort to fix.
I think this currently is fine. You can always go into the subkey view and the the expiry date there for corner cases.
I think we can close this issue. Ikloecker explained why. The hint comes from the help files and I think at the time I opened the issue I did not use the help messages.
Hi, you have "compliance de-vs" in your %APPDATA%\gnupg\gpg.conf. But have installed Gpg4win. The default key pair algorithm of Gpg4win is not VS-NfD compliant, in fact the whole Gpg4win version was not approved for VS-NfD. So just remove that compliance line from your config and everything should be fine. Otherwise the forbidden indicates that you are trying to generate a non-compliant key with a version configured for compliant operation.
Feb 7 2024
I don't think that we need to show which keys are compliant or not because that is already shown by the VS-NfD compliance status. And then we only have left the case where the keys are expired / revoked so a user could sort by validity to find out which ones are those.
Yes that probably gets lost along the way, where we communicate with scdaemon to generate the key. Needs to be tracked down. Such things can be very confusing to users. Especially if that increases the PIN Retry counter!
Yes I think that some keys must match, e.g. if you filter for S/MIME you only want to see groups where at least one S/MIME certificate is part of the group. Or for expired to see if there are groups with expired certificates in them.
Feb 1 2024
Jan 30 2024
Jan 26 2024
Regarding https://invent.kde.org/pim/kleopatra/-/merge_requests/106 I cannot login to gitlab right now. Since I have to manually migrate my fdroid apps to the new phone and my 2fa app is one of them. But I agree with everything ingo said there.
Jan 19 2024
- To configure a keyserver none I have now T6950: Kleopatra: Usability improvements for directory services configuration
- For tarball naming I created T6952: Gpg4win build system: Include commit hash in tarballs from gen-tarball.sh
- For the about dialog I have T6953: Kleopatra: show commit id in about dialog
I renamed the task accoringly.
Oh These are good points
This is not the first time I saw that users are confused by this. My wish would be to change the label of the Group at least to "S/MIME (X509) Directory Services"
@ebo Is this fixed now?
In T6946#181608, @werner wrote:The min-rsa option was introduced due because the de-vs compliance allowed 2048 bit until the end of 2023 and we used a trick in our configuration file to switch that relaxed handling off with this year. I don't think that the --ciompliance option is really useful becuase it would also disallow ed25519.
A better option would be an --assert-algo option similar to the --assert-signer which we already have in gpg.
But thanks for reporting! I really like feature requests so please do not feel discouraged to request more features.
Sorry, but this is a "Wontfix" we do not support this by choice. We think that adding photos to certificates both gives a wrong sense like "I know that picture, iit must be this person" and also increases the sizes of the certificates a lot. It is in our opinion a misfeature in the OpnePGP specificationl.
Jan 18 2024
Hi, ebo I would still think this is resolved. Because it was never meant that the user manually enters the value of "none" because there is no hint for the user that "none" is a reserved word. It should either be administratively configured which does not make much sense for Gpg4win or provided by the distribution. If left empty the default of GnuPG should be used. If we really want users to deactivate keyserver access by using "none" in the dirmngr.conf a much better solution would be a checkbox for this. In that case I would open a new issue.
Jan 15 2024
In T4127#170518, @aheinecke wrote:With the recent commit the old workaround works reliably again.
I can test this. For Ebo I want to try using the flatpack so that she can benefit from Dans work on debian stable, too.
I do not think this is a very common usecase. For me regarding CMS file operations it would be more important to implement T2435: gpgsm combined sign and encrypt which I find the most annyoing issue regarding CMS file encryption.
I think this is resolved now.
This is what T6799 this needs to be fixed in general.
Thank you for the detailed report. I will look into it.
The background for this is that .mime we can treat as as a custom extension for us since no one else that I know uses it but it is a registered extension.
Jan 12 2024
Awesome, thanks for the report 👍