I think this is resolved. In the Sign/Encrypt dialog we now offer the individual user IDs instead of the certificates, i.e. the two user IDs of the Udo certificate are both offered and one should be listed as certified and the other one as not certified (if one is certified and the other one isn't; for me both user IDs are ultimately trusted).

Closing this as duplicate of T7405. That ticket has the better task description as it was made after discussing offline how it could best be done.

closing this as duplicate for the improvement part, the support part is solved, anyway.

Interesting. Just a few days ago I noticed that Kleopatra creates a new tab with the imported certificates except when the import is done via the notepad (or via the clipboard). I guess we could add an option to open a tab with the imported certificates to the import result window.

Done for 2.5.0.

Done in 2.5.0.

Fixed in 2.5.0.

Fixed in 2.5.0.

Gpg4win-Beta-94: ok

With Gpg4win-Beta-94 now all is fine, even own deactivated certificates are now shown (using the "Disabled" filter) in bold font

Name of the window is now "GnuPG Configuration Overview" and "gpgconf -X" is preselected and executed in the window.

Latest changes backported for VSD 3.3

Backported for VSD 3.3

I like it better than the very long tool tip.

Changed in https://invent.kde.org/pim/kleopatra/-/merge_requests/316

Hm, probably I would be for the html-tags, then. Is there an example where one could see how narrow tool tips really get with that option?

We shouldn't have to add explicit line breaks. Explicit line breaks will lead to bad formatting (German: Flattersatz) for people who use huge font sizes (a11y!) and Qt will wrap long tool tips so that they won't become wider than the screen. Alternatively, we wrap the tool tips (in the code that sets the tool tips) into <html> tags. Then (for whatever reason) Qt will make the tool tips much narrower. (Some people think too narrow, but we have to die one death.)

Fixed in https://invent.kde.org/pim/libkleo/-/merge_requests/163

setting this to open for the small fix in the tooltip.
I suggest as new text:
"Disabled certificates are not offered when selecting a certificate to sign with or to encrypt for.\nThey are not shown in the certificate list with most filters."
And I think there should be an additional newline somewhere, as I was shown a much too long tool tip. The German text is not that much longer…

Removing the appearance filter won't fix own disabled certificates not being bold; the problem here is that the "My certificates" filter doesn't trigger at all anymore for disabled certificates

Yeah. so lets ditch that appearance filter. But that's for ticket T7217. So I'm setting this ticket to done for 4win.

You mean that a disabled certificate with secret key isn't listed with bold font? That's probably because we have an appearance filter for disabled certificates which takes precedence.

Gpg4win-Beta-70:
Looks ok.

Gpg4win-Beta-70:
All 4 items in the task description are realized as described.

gpg4win-Beta-70: works.
I disabled a certificate, it was not shown anymore in the "all" view. Change to the "Disabled" filter and enabled it again -> it shows again with the "All" filter.
Disabling a private certificate does not allow it for signing and not for encrypting to it. It is also not offered for these any more.
But verifying files which were signed by it works.

@TobiasFella prepared the installation in https://dev.gnupg.org/rW9218ebfb7c01478a6fa7b2892fec4d9fd83ba273 . I left some comments on this commit.

right. the installer needs to install kleopatradebugcommandsrc next to libkleopatrarc

• Name is now: "Show GnuPG Configuration"
• When I choose that, the window which opens has a title and a close button, the file extension on saving is .txt

I've checked and can confirm this is working as intended.

Kleopatra just checks if the option "default-new-key-adsk" is set (i.e. it doesn't matter if it's an option with scalar value or list value). The other two options that were changed are not used by Kleopatra.

Alright, finally supported by gpgme (fot 1.24) For testing you may use

Solved for gnupg 2.2, 2.4 and 2.6. GPGME support still missing.

I created a branch: https://dev.gnupg.org/source/libgcrypt/history/gniibe%252Ft7340/

Autoconf archive has AX_TLS: https://www.gnu.org/software/autoconf-archive/ax_tls.html
Also, AX_GCC_VAR_ATTRIBUTE(tls_model) could be used: https://www.gnu.org/software/autoconf-archive/ax_gcc_var_attribute.html

I do not want to do that for 2.2.45 (T7255) because we want to do that release RSN

Test on a dedicated Windows box (T 460, i5-6300U@2.40GHz, harddisk):

Overall effect of these changes tested on a small Windows VM is only 47 -> 26 seconds. Did also tests with --kbx-buffer-size but that does not make it better than the default, either.

Backported for VSD 3.3 together with changes made for T6666.

Will be available in 2.2.45 and 2.5.2

Now we are at 4 seconds. Available in master and 2.2.

With that patch we are down to about 6 seconds.