@werner
It is good practive to open a public ticket for many projects, because otherwise the XMPP users don't know if the fact is already known, reported or being worked on. Alternatively: Let us document the procedure in public what someone should do, if the xmpp server ist down or the certificate is expired. What is that procedure?
- Queries
- All Stories
- Search
- Advanced Search
- Transactions
- Transaction Logs
Advanced Search
Apr 1 2019
As it ran out again before this issue got officially closed, I'll reopen it with an extended title.
Wasn't the idea to automate this somehow? >:)
Mar 12 2019
Reading through this issue and the related documentation: Thanks for writing this all down and adding links!
Jan 29 2019
Nov 27 2018
Precondition: A list of pubkeys, as keyring or as keyring file with list of fingerprints.
Goal: a static file structure that can be uploaded on my webserver.
Platform: Windows, a better solution does require less additional dependencies apart from Gpg4win.
Nov 26 2018
... that would be useful in many ways. I'd say we should support anyone who wants to use pythong-gnupg on windows.
@werner it is like @aheinecke writes:
Nov 14 2018
May 22 2018
May 11 2018
Apr 16 2018
Got the question about this note from a user (in a internal email) and I see the problem that users do not have enough information to decide this. They do not know what the consequences of this note are (and suspect it to be the cause of error of they see it together with other problems). So to me it is more than a 'wish' as it will generate questions and leaves users in a situation where they cannot progress by their own in most of the situations.
Hint from @gniibe: gpg --with-colons --list-config curve is a workaround.
So it still should be documented and made accessible from a non-esoteric, non-internal way. ;)
Apr 13 2018
Apr 3 2018
@dkg thanks for the link.
Mar 14 2018
Mar 2 2018
There was a second person asking for a list-packets feature to verify if a file is encrypted correctly at gnupg-devel.
Feb 28 2018
Note that "Wrong name" severely misses information about that it is connection related in any way. :)
Just adding "Connection problem: TLS: " would already help a lot.
An additional note: It is harder than with gpg-2.0 to get more details about a failed attempt to receive pubkey material. The keyserver options cannot be called from gpg direclty, but have to be given to dirmngr. I don't have a solution this, it is just an observation.
Feb 23 2018
@werner sorry for asking again, I may be missing something: just saw that you've marked my comment for line 259 as "done". But in master and gnupg-2.2.5 I still see the sentence as
Export the private key and the certificate identified by @var{key-id} in using the PKCS#12 format. which does not pass my English parser. :)
Feb 22 2018
It makes --export-secret-key-p12 the recommended way to transport a privat CMS key. (fine, if this is, what was intended).
(Note that there is a typo in line 259).
Feb 19 2018
On saturday I could observe the problem with a fresh Windows 10 Home edition.
Feb 16 2018
Feb 13 2018
Another observation: Just opening the file from the explorer is not enough, but once I was on the details of the digital signature, opening works. So for whatever reasons Firefox and Chromium do not trigger the security check.
Observation: When downloading a new version of Firefox, there is another dialog before the UAC comes and the following UAC is fine then. Question: Why does Gpg4win3.exe directly goes to the UAC and firefox.exe triggers a different dialog?
So I can reproduce the problem on a Windows 7 virtual machine with all important updates up to the 5th of February, 2018.
Feb 12 2018
When disabling CRL checks, you expose the user to drawbacks by outdated or revoked certificates. While I agree that improving implementations to not check the validation information too often or even build proxies is a good idea, I have a tendency to keep crl checking enabled for CMS crypto operations because it seems to be a lesser drawback.
Feb 6 2018
Feb 5 2018
Jan 29 2018
Still open.
Jan 17 2018
For transparency reasons: Intevation will make Werner an offer for maintaining dev.gnupg.org.
Still not solved.
Jan 12 2018
Jan 10 2018
Dec 28 2017
If you are encountering the problem, please
- Check that you have updated your Windows operation system to the latest version and you've got all security updates. (As some necessary certificates may have come later with an update.)
- Does the behaviour change if you "investigate the certificate chain" through -> Properties -> Digital Signatures?
Dec 14 2017
Hi @hs,
given that you have used the instructions from the link above to look at the message,
I'll take it that you are using an IMAP/SMTP setup for mail transportation?
Nov 30 2017
Nov 21 2017
Nov 17 2017
Nov 14 2017
Nov 13 2017
@aheinecke Regarding closing: I'd say that we should have a test on this one and then close it for only the refocussed "send-folder problem".
Can you provide an updated gpgol.dll drop in replacement?
Some of the users in the forum may be willing to test as well.
Nov 10 2017
Nov 7 2017
So maybe there is also a display problem, as I saw 0:00 in Kleo. I have to recheck.
Oct 30 2017
When receiving an S/MIME mail that is encrypted, the successful log looks like:
Comparing the gpgol.log files in the case of OpenPGP decryption (successful) and S/MIME decryption in send folder (failing).
Here is the link to the wald report by John Mrkva:
https://wald.intevation.org/forum/forum.php?thread_id=1785&forum_id=21&group_id=11
Oct 27 2017
Hi, thanks for the report.
Oct 26 2017
Yesterday I could reproduce that emails in the "send" folder cannot be decrypted anymore.
Oct 25 2017
This week I'm trying to make progress with this issue.
Oct 11 2017
Oct 10 2017
Still failing.
Oct 9 2017
Oct 5 2017
I agree that it is better to keep it in two directories.
(The potential advantages outweight the drawbacks.)