ok, neither is a no-brainer, i see. But I would vote for the left to right order, i.e. the alternative you mention. This has the advantage that the card type is listed on the left side with which one can maybe better identify the card. In my example the type is "Yubico OpenPGP-v.3.4-card", I do not see the info that it is a Yubikey anywhere else. Therefore a blind user will only get that info up front if the left side is read first.

Your suggestion sounds ok to me, maybe with a slight change for the message: "Failed to encrypt the notepad because at least on certificate could not be validated."

yes, basically it's what we want.

2.2.53 was released wit VSD 3.3.6

I tried but couldn't reproduce it any more. Therefore setting it to invalid.

Before making subtickets for each application: I wonder if it is not all Kleopatra anyway? Isn't the security approval dialog basically Kleopatra?

The equivalent for invalid S/MIME certificates are not-certified *PGP certificates.
(Valid/invalid are not ideal as technical terms as they have a broad general meaning, too. I hope my usage here is correct ;-) It is what I gathered from an explanation given by Werner.)

feedback of @mmontkowski needed

Invalid and expired are different cases.

According to Werner, that should be:

After talking to Werner I lower the prio as apparently there is no direct customer request for this

To clarify, the state in Kleopatra Ingo described a year ago has changed, with T7579: Kleopatra: improve menu items the refresh option in the Tools menu was removed. Both actions to update certificates - in the context menu and in the details - are/work the same.

The remaining open points of this ticket will be "won't fix" for now. When we plan to change something here, we should open new tickets, this one got confusing.

Sound sensible. Ok, then this ticket will only revert T8022 for archives which were renamed.

1. That the users focus on the documentation which is more important for them.
2. That the menu is not too long. This point will be +/- moot now but removing "more documentation" now would make extra work.

And 1) stays valid. So I'd keep it in place until all the new documentation is available. Unless @ikloecker sees this differently

Please keep in mind, that for the 3.4 release, we will most likely only have the User Manual ready, not sure about the Administrator Manual.

added vsd34 for the resetting of the defaults

In vsd 3.3.6 the option is now greyed out.

@ikloecker I'd like it if we could backport the resetting of the preferences to vsd34.

Font selection dialog lets the user choose a font size, which is then not respected - can we disable selecting the font size?

Any further improvements will have to go in a new ticket when we have a plan. I'll close this one.

ok, lets go with the message box.

Q1 stays like it is, for Q3 @tfry made a merge request to wrap after 120 characters. Please add a link to this.

Follow up for Q1 is T8166: Kleopatra: Add "Save Secret Team Key" button to success message after creation of "Team Key"

why gpg 2.4? Don't you mean 2.6? I'll add the proper 2.6 tag for avoiding confusion

FYI: We had a VSD support case today where the user complained that they thought the Admin PIN would work because of the tooltip text but it was not accepted. They needed to give the PUK, which is consistent with the state given in this ticket.

From the support angle, the worst of these issues is that the default will not be restored for VS-NfD. But then: nobody has inquired about that yet…

What is fixed, what needs still needs to be done and should go into another ticket?

I thought Gniibe's comment meant that gpg does report the errors now correctly…
So what is still to be done in gpg?

It is not (easily) possible to check for available keys first, before asking for a passphrase? (Like it is with gpg 2.2.)

I've created the ticket above for Q2, we need to discuss how to follow up Q1 and Q3 next week.

as T8022 was backported, this one should be backported, too, if possible. I'll add the tag

So this is all done, then. As for the open issue there is T7565: Kleopatra: Add tooltips in sign/encrypt window if an encryption type is greyed out

I guess those things need to be changed in Kleopatra after @gniibe made the changes in scd. I'll add a Kleo tag for discussion, as we should probably make several tickets from this.

I've made the above ticket for Q2. Regarding Q3 we leave it as is, if customers should complain we could then consider changing that.
Regarding Q1: we should talk about that next week. But I'll close this ticket.

Is this still a requirement?

well, you are showing 4 pinentry-qt windows above. The reference to pinentry meant those windows.

For verification text improvements we have various other tickets, see T8095. I'll add this one as another of those.