Sorry, I don't understand your problem. Please explain what you did and what the (perceived) problem is. BTW, GnuPG 2.3.4 is a very old version.

Hello,
I have a hard time to agree that is the right thing for gnupg to throw an error if it successfully imported a revocation certificate for an expired key. This is a meaningful (and not useless) change even if the key is expired.

The possibility to drag certificates from Kleopatra to somewhere else has been disabled for Windows builds. The change has also been backported for vsd33. In the vsd33 AppImage it should still be possible to export certificates by dragging them from Kleopatra to, for example, Dolphin. Maybe we still want to remove the vsd33 tag.

Kleopatra now asks the same questions as the GnuPG backend. The choices the user can make are a bit different because the user already told Kleopatra that they want to trust (or distrust) a root certificate. Therefore, the first dialog only has "Yes" and "Cancel". And the fingerprint dialog (which is only shown for Trust but not for Distrust) only has "Correct" and "Wrong". Another difference is that in GnuPG clicking "Wrong" makes GnuPG mark the certificate as untrusted (which is a bit surprising). In Kleopatra the certificate is left unchanged if the user selects "Wrong".

If gpg-agent's option "no-allow-mark-trusted" is set then the actions "Trust root certificate" and "Distrust root certificate" won't be available. If the option is set while Kleopatra is running then it needs to be restarted to get rid of the actions. If one tries to use the actions then Kleopatra will tell you that you are not allowed to do this. Similarly one needs to restart Kleopatra to make the action available again after the option was unset.

Tested again on linux with current master (at 18081e2ecf43de2be6ad5a7ca3384e1e2b66914d) and 2.2 (at 5c0383d558cc9112c4c0984a3b2a6c98b29a92ca) - still same behavior.

In T7322#192972, @ebo wrote:

Which is of course technically correct but why can't we have the much more clear "invalid ADSK ... specified"? I think this would help troubleshooting.

You should use gpg-agent's integrated ssh-agent. It is anyway much more convenient. I'll move this task to gnupg26, though.

Backported to 2.4 to go into 2.4.6

Was fixed in master with rG374195e741cf1c52daad6c07799d308c8a9f73e3 (bug tag was missing in the commit).

Fix backported to 2.4

Alright, finally supported by gpgme (fot 1.24) For testing you may use

As the tabs were never part of a official release, I remove the workboard tags

gpg4win-beta-64: The smart card tab introduced by T7249: Kleopatra: Remove tab "Smartcard" in the certificate details window is gone again

It was decided to remove the tab again: T7249: Kleopatra: Remove tab "Smartcard" in the certificate details window, so its gone in 4win-Beta-64

works for 4win-Beta-64, too

Backported for vsd33

This is not on any workboard. But I tested it with 4win-Beta-64 and the error shown in Kleopatra is now "Unusable public key".
So I'll put it on vsd33.

Thus the rule is that all our Qt applications except for pinentry need to fist initialize gpgme to get the actually used GNUPGEHOME. gpgconf either takes this from the GNUPGHOME envvar or from its default or via its gpgconf.ctl file.
The latter can eventually be used to move the default homedir to %APPDATA%\gnupg-vsd so to allow using different versions of the gnupg engine.