This also points out that the cipher algos and modes of the symmetric encrypted session key packets where never checked for compliance. We only checked the compliance of the bulk encryption cipher algo.

This was added in b03fab09e188f7bb10237d4f20455e4026737e4e

Oh, there appears to be a reason for that. In line 699 of mainproc.c:

/* Symmetric encryption and asymmetric encryption voids compliance.  */
   && (c->symkeys != !!c->pkenc_list )

I have exactly this problem with yubikey here,
since i upgraded to gpg4win version 4.0.3 which contains gnupg 2.3.7 i get the same error as openpgp key not recognized.

The original issues have been addressed. Moreover, the actions are now available as buttons additionally to being available as context menu items.

@tigernero 2.3.8 is not yet released. Pretty sure gpg4win is a separate project, presumably you'll see a changelog entry here (as there is bumping to 2.3.7 in the latest 4.0.3) when it's in:
https://www.gpg4win.org/change-history.html
https://www.gpg4win.org/support.html

Agreed

The OpenPGP-related changes mentioned in T5832#161063 have been implemented.

I think this was mostly covered with T5362: Kleopatra: Add warning in compliance mode if gnupg version is not compliant and T5653: de-vs and GnuPG 2.3.3 error.

Has this been implemented?

As part of this the "Change Reset Code" button should be hidden in the general user interface.

I don't think that we need to fix things here. Important is that the WKD import uses a filter which imports only keys with the requested mail address. However, if a key with the same fingerprint already exists it will be merged.

The provided change does not look like fixing the problem for me. The path to gpgconf is still wrong and I am getting the same error both with master and with the patched tarballs:

make[2]: Entering directory '/home/jjelen/devel/gnupg/tests/tpm2dtests'
LC_ALL=C EXEEXT= PATH="../gpgscm:/home/jjelen/.local/bin:/home/jjelen/bin:/usr/local/bin:/usr/local/sbin:/usr/bin:/usr/sbin" abs_top_srcdir="/home/jjelen/devel/gnupg" objdir="/home/jjelen/devel/gnupg" TPMSERVER="" SWTPM="/bin/swtpm" SWTPM_IOCTL="/bin/swtpm_ioctl" GNUPG_BUILD_ROOT="/home/jjelen/devel/gnupg/tests" GPGSCM_PATH="/home/jjelen/devel/gnupg/tests/gpgscm" /home/jjelen/devel/gnupg/tests/gpgscm/gpgscm \
  /home/jjelen/devel/gnupg/tests/tpm2dtests/run-tests.scm  
gpgscm: error running '/home/jjelen/devel/gnupg/tests/tools/gpgconf': probably not installed
(wait-process "/home/jjelen/devel/gnupg/tests/tools/gpgconf" 2693795 #t): Configuration error

I can't find a url to download gnupg 2.3.8 for windows is it possible to know when gpg4win v.4.0.4 is out which fixes this bug? because currently on windows systems I am stuck using yubikey.

It is unlikely that the tofu stuff will get into widespread use in the 2.2 version - if at all.

Fixed quite some time ago.

No lets close this now.

As 2.3.7 was released on the 11th of July, see https://lists.gnupg.org/pipermail/gnupg-announce/2022q3/000474.html
I guess that this issue should be closed and some issues moved to one with 2.3.8.

Priorities went off this task for three years now. Is "Release Info" still the right tag?

As discussed with Andre we streamline certificate generation as follows:

• We remove the "Choose Type of Key Pair" dialog.
• We replace the "New Key Pair" entry in the main menu with "New OpenPGP Key Pair" and "New S/MIME Certification Request".
• For OpenPGP, we replace the result dialog with the "Next Steps" buttons with a simple success message box.
• For S/MIME, we immediately show a Save File dialog instead of the result dialog.

We have three styles enabled / installed, Windows the Windows 95 style. Windows Vista and fusion. Windows Vista is the default. On Windows 10 these look like the following. On windows 11 they look slightly different again but that is mostly due to window decorations.