The first ideas sounds best to me. Patches please to the mailing list.

I think it's worth noting that this is not restricted to encrypted e-mails but signed-only e-mails also.

Is this only about options shown on the "GnuPG System" tab?

The tool tip pop-ups are now read out by orca (if reading out tool tips is enabled; it's disabled by default).

Thanks for the log and the analysis so far. In the log it is visible that the problem is that gpgol cannot create a temporary file to store the mails contents. Due to this it fails later as it has no data to encrypt. The storage as a temporary file was added in 3.1.16 to allow more embedded outlook objects since we now ask Outlook to first serialize the file. I wonder why this only occurs to very few people. Obviously it works for most people, including me.

Applied the changes to master.

Thank's Diedrichs for this hint.
Here it works again using Gpg4win V.3.1.15.

Key length requirements for KDFs are specified in SP 800-131Ar2 (https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-131Ar2.pdf), which is linked from SP 800-140Dr1 (https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-140Dr1.pdf) in section "6.2.1 Transitions".

FIPS 140-3 (https://csrc.nist.gov/Projects/cryptographic-module-validation-program/fips-140-3-standards) points to SP 800-140Dr1 (https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-140Dr1.pdf) to list acceptable "Security Parameter Generation and Establishment Methods". From this document, RFC 5869 (i.e., HKDF with the counter at the end) can be reached via two paths:

Fixed in libgpg-error.

We removed assuming "OPENPGP.3" means for ssh.

Having "Use-for-ssh" flag now, experience shows that including OpenPGP.3 keys by default is not convenient.

The general functionality should work now. I looked for labels showing links and converted most of them to HtmlLabel.

Text labels that get keyboard focus are now indicated with a focus frame. It depends on the Qt style how the focus frame looks like (or whether it is drawn at all). For the Breeze style, that is used on Linux systems, I have pushed a merge request (https://invent.kde.org/plasma/breeze/-/merge_requests/229). The necessary changes will be included in the next release of KDE Plasma.

I've tried a few things now. Reinstalled Office, reinstalled GPG4win, reset Windows 11 with recovery when still worked. Nothing helped.

I've tried a few things now. Reinstalled Office, reinstalled GPG4win, reset Windows 11 with recovery when still worked. Nothing helped.

oh no

The user id list is in the wrong tab order (just before the Close button).

In T6040#159431, @Valodim wrote:

I suppose you're right, we might have crossed that bridge a while ago. Simple availability of certificate- or even signature-specific keyserver URIs just make the risks of honor-keyserver-url more obvious than before.

I suppose you're right, we might have crossed that bridge a while ago. Simple availability of certificate- or even signature-specific keyserver URIs just make the risks of honor-keyserver-url more obvious than before.

In T6040#159428, @Valodim wrote:

This is a reasonable feature, however it should be noted that this implies a fairly large metadata leak: You are essentially adding a URI to signatures that will be pinged on signature verification.

This is a reasonable feature, however it should be noted that this implies a fairly large metadata leak: You are essentially adding a URI to signatures that will be pinged on signature verification.