Lot's of things changed in the meantime.

HKP keyservers are anyway out of fashion and thus we won't put anymore effort into his part of the code.

Lot's of changes since 2.4.

The choice in the calendar "widget" changed to in 1/2/3 years in all cases. Those options work but the last choice "no date" has no effect.

Eva and me tested this using our 2.2.42 release candidate on Linux and
on Windows and were not able to replicate your problem.

Works, setting "compatibility-flags vsd-allow-ocb" in the gpg.conf causes new keys to be generated with the AEAD feature flag OCB. And encryption to that key then uses OCB mode as long as the compatibility-flags is set.

Eva can you please try to reproduce this? I can't really imagine that this is true since we have soooo many users with yubikeys and do a lot of internal testing on them. To be fair please try with your standard devuan GnuPG and not just with an up to date version.

Actually, a GUI to maintain the keys in an LDAP would be helpful for many sites.

This works insofar that it is now possible to set "none" (via the registry in VSD):

Yes I can see that gpgtar correcly lists the directory with procmon, accesses the files but fails to create the output file indeed.

Instead of all the debug options, please use

From my practical expexperience, @ebo's suggestion will work best for me. The other thing I have seen is to not use -signed but to append the initials of the signers.

In 2.2, KEYINFO output doesn't support A-flag for the information if card is online or not.
We need to clean up this discrepancy.

I pushed rGff42ed0d69bb: gpg: Enhance agent_probe_secret_key to return bigger value. to fix this issue.

I know Microsoft is probably not the best example, but copying an already copied file with the Windows Explorer you get "Copy of Copy of Copy of originalname.txt". Moreover, I think foo_signed_signed_signed.pdf makes it pretty clear that this is a PDF that has been signed multiple times. I would leave it as-is. People who don't like the name can easily change it.

I think there is a timing issue between the termination of a job and the retrieval of gpg's output, so that gpg's output is sometimes truncated or even completely empty. This is a general problem and not specific for this ticket.

Encryption to the ADSK seems to work but I'm not sure if everything is displayed as expected.

How about adding "-2" to a document where before _signed already was in the name, i.e. foo_signed.pdf -> foo_signed-2.pdf and so on: foo_signed-3.pdf, ...

Just for reference:
Make it signature pretty: https://dev.gnupg.org/T6732
Default path: https://dev.gnupg.org/T6731
signed_signed: https://dev.gnupg.org/T6730

Unfortunately, "make it not ugly" is a bit hard to work with. I'm open for ideas.

I'm going to assign this to @aheinecke - but @ebo might also have opinion on how it would be nice.

As this issue was originally just about the "versioned file" and where to place _signed, I think we should keep this closed. Will create new issues based on the notes here.

I'm told that this is also what acrobat does, which is one of the reasons for the current approach.

works with VS-Desktop-3.2.0.0-beta214, too.
You are now informed that you do not have permissions to write there.

For VS-Desktop-3.2.0.0-beta214 this does not work yet. If a keystub exists, it is not overwritten.

Somebody else needs to take over.

Encrypting folders with umlauts in the folder name and decrypting archives with umlauts in the file name now works for me on Windows. Encrypting folders and decrypting archives with kanji in the names still fails.