Oct 5 2023
Oct 4 2023
The tag of the last displayed user ID that has a tag is chosen. And that's tag tagC1 in the above scenario.
Works, the expected behavior from the description is shown.
With the current Beta VS-Desktop-3.2.0.0-beta229/231 the tags in the tags column in the certificate list are always shown, regardless of the configuration option "show tags of certificates". Only the tag of the primary UID is shown there (which makes sense, IMHO).
The new "no 509 certificate" message box comes up always when restarting Outlook and then immediately composing and sending a message, even when the user has a certificate.
-> add a check if the cache is already loaded in GpgOL
For the Berta Key in the Testversion: *After* entering the Password for the signature, the new GpgOL message does show. When I choose "Retry" in spite of the warning, the mail is send out encrypted.
So I was only confused because I did expect another order of events. Something seems redundant and confusing here:
First you are shown the security confirmation dialog an click on OK (with the small warning sign and "not compliant" next to it), then you are asked for your password (if it is not in the cache) and then you get the new Warning message with the option to "Retry". Although you already in the first dialog chose to encrypt non-compliant.
Btw: The error message from gpg is for me not "end of file" instead it is: "Syntax error in URI"
If I repeat this with a totally empty keyring, I get the new message regarding the missing signing certificate.
Sorting problematic keys to the front make sense to me, but might be complex since we just add the certificatelineedits and then would need to do some kind of dynamic layouting regarding on the return value of the linedits key.
I pushed rG321f9c0a3f28: tests:tpm2dtests: Fix tests with TPM2D. and rG98dd6f7af6aa: tests:tpm2dtests: Fix tests with SWTPM. (and other small changes).
Now, it works with two cases:
- tpm_server
- swtpm, swtpm_ioctl, and tssstartup
With this certificate I do get the security confirmation dialog without "always show" on, but still no new message box.
Yes, the wording for this line should be improved, I agree.
In the current release and the releases up to now this action did not work at all when it was not used in combination with encrypt. That usually happens only if an administrator activates the "always_sign" option, prefers S/MIME and then does not issue users with S/MIME certificates. For OpenPGP we have the "Generate" option preselected in that case.
Without "always show" I get a pinentry immediately after hitting "Send". So no warning.
I realized that I still had "always show confirmation dialog" on... When I turn that off I get the default error message, but with encoding errors:
(I'll take care of the line break, btw)
I do not see the default error message, not even with a new, totally empty keyring.
I immediately get:
For sent mails folder there is no solution. The problem is that if the mail never leaves the exchange server it is not converted to a standard compliant PGP/MIME but left in Microsofts internal MAPI format where it looks like this. I think thunderbird has support to fixup a message if the mimetype of the first attachment application/pgp-encrypted. Which reminds me that we need to change the filename of our internal attachment, too to use .mim as an extension. Then you will at least also be able to open such messages on other clients with Kleopatra directly to view the contents of the mail. And a side effect of this might be that Enigmail might then be able to open the mails. If not we would need to talk to enigmail how to solve this.
Uploading two patches for review:
Oct 3 2023
Oct 2 2023
After some investigation it turns out there are several bugs in the thing that eventually produces an email with the counter proposal.
Do you have any hint how I can test this? I installed Chinese-Simplified (zh_CN) but I fear switching the display Language. Maybe I should just use _wasctime and convert to utf8
I had a look at the current state (VS-Desktop-3.2.0.0-beta229/231 from 2023-09-29):
So I have analyzed the problem and I think I understand it now, but I don't really have a solution yet as I think a new option or change in gpgtar might be needed. I think the easiest would be that if --utf8-strings is provided that also the --output parameter is assumed to be UTF8 encoded? And not just the files from --files-from?
See also https://dev.gnupg.org/T6401#176099 which explains why OpenPGP seems to behave differently than S/MIME.
again aheinecke:
aheinecke wrote regarding not showing the group at all (https://dev.gnupg.org/T6401#175847):
This was actually implemented in a similar way for T3490.
Sorry, done now
I have created a merge request for upstream to remove the useless "No date" option:
https://invent.kde.org/frameworks/kwidgetsaddons/-/merge_requests/213
I have added a patch with the changes to gpg4win, so that we do not have to wait for the fixed upstream version.
You forgot to add src/inst-pcre2.nsi and src/uninst-pcre2.nsi
This is in contrast to the behavior for "single" keys. An expired key is not listed as available for encryption at all.
This one is one me. I think the issue is gpgme-w32 spawn.
Oct 1 2023
Sep 30 2023
Hi, thank you so much and sorry for delay.
This beta is working for us perfectly.
After some investigation into what everyone else is doing, nobody seems to be using and supporting this property as of now. The big players (Google Calendar, Office365) abuse the Location field to store the URL for the onlin-meeting with alternative methods of joining the conference (e.g. dial-in numbers. etc) stored in the event description.
I guess we should add an extended API to set the filter.