Please be so kind and describe the regressions you see. 3 log files from your software are not very helpful.

ikloecker: Please go ahead

IIRC, the problem is/was that this breaks some old keyservers. But there are no more old keyservers - if there are useful keyservers at all.

A clumsy workaround for the Kleo bug is to put "keyserver ldap:///" into the global gpg.conf after an ignore section containing keyserver. This will let gpgconf emit "ldap:///" unless a local gpg.conf exists.

Thanks for the offer. However, the core developers are using tokens for more than a decade meanwhile. We even make our own tokens ;-).

The first is a warning and the other error codes are exactly what we want.

You may run

Yeah, remove it.

@aheinecke: Please change the Original URL to https://dev.gnupg.org/w/gpg4win-or-gnupg-vs-desktop-bug-report/
. This creates a cover sheet which does not ask the user to login or register an account to later just realize that she may seatch the tracker w/o an account.

There is a "sharing violatation", error which means another process got access to the card. You can try to put

--quick-gen-key supports this but there is no general option; the 2 years are hard coded.

Sorry, we won't do that. Actually SHA-1 is still allowed when used in a KDF mechanism like S2K. OpenPGp is about Public Key cryptography and for that it is important to keep the keys safe. Protection the private key with a passaord is a failstop scheme which gives time to revoke the actual key and handle the compromise. When suing symmtric encryption (gpg -c) ist is strongly sutested to use a password with at least 128 bit entropy (e.g. by using our magic wand button). The S2K iteration is actually not needed in such a case.

Not a bug but a limitation of 2.2's option listing: In contrast to 2.3 we can't *show* the used options via gpgconf correcly if there is a conflict between global and local options. However, the actually *used* values are different and correct according to the config. In particular a global forced option overrides any local or command line option.

We should only allow this for v5. This way we get incentive to move forward. ed448 requires a newer version anyway and thus it is good to take this as an opportunity to also demand AEAD etc.

Thanks for the well written bug report and the fix.

I guess this is solved. Feel free to re-open and schedule for 2.2.34

Might be a TOR Thing?

FWIW: We need a DCO; see doc/HACKING.

No, too much release work. Better just one AppImage. Or well one VSD (based on 2.2) and one regular (based on 2.3)

I do not think that we should put any more support for FDs into gpgrt. The goal is to move entirely to the Win32 API.

Your item "2. Allow exporting multiple groups at the same time." is not really important. If you want to do that, please make sure that each group is exported to a separate file.

Please see T5696.

No autoreconf etc. Use only our method to cross build. That is $src/libgcrypt/autogen.sh --build-w32.