You could probably check that Kleopatra/gpgme calls gpg with the import option "only-pubkeys". For a real world test you'd have to upload a secret key to WKD.

The certificate can also be downloaded from https://www.bsi.bund.de/DE/Service-Navi/Kontakt/smime.html

Remarks:

• This works now on Windows and with the AppImage. This was achieved by customizing the internal application name of Kleopatra: kleopatra-vsd for GnuPG VS-Desktop, kleopatra-gpd for GnuPG Desktop, kleopatra for everything else.
• As a side effect the different flavors of Kleopatra now use different names for the main config file and for the state file, i.e. Gpg4win uses kleopatrarc and kleopatrastaterc, GnuPG VS-Desktop will use kleopatra-vsdrc and kleopatra-vsdstaterc, and GnuPG Desktop will use kleopatra-gpdrc and kleopatra-gpdstaterc.
• The internal application name is also used for config entries retrieved from the registry. That means that for VSD and GPD different registry paths are used in future releases.
• Testing on Windows requires T7040: Make it possible to install GnuPG VSD and GPD in parallel.

Some remarks:

• All Kleopatras use GNUPGHOME/kleopatra for the config files, but they use different names for the main config file and for the state file, i.e. Gpg4win uses kleopatrarc and kleopatrastaterc, GnuPG VS-Desktop will use kleopatra-vsdrc and kleopatra-vsdstaterc, and GnuPG Desktop will use kleopatra-gpdrc and kleopatra-gpdstaterc. That's a side effect of the changes for T7528: Make it possible to run Kleopatra VSD and Kleopatra GPD in parallel where the internal application name is set to kleopatra, kleopatra-vsd or kleopatra-gpd for the different flavors.
• The Kleopatra configuration files are not migrated to the new location. (The group configuration should already have been migrated.)

By the way, this also works for different GNUPGHOME. Tested with a gpgconf.ctl file with content gnupg = gnupg-gpd next to gpgconf.exe.

Kleopatra now writes/reads all config files to/from GNUPGHOME/kleopatra.

Logs of a recent hang

This is very similar to T5780 except that it concerns a different operation and thus a different window. The fix is likely the same as for T5780.

We do support "Decrypt & Verify" for multiple files (including the presentation of the status) so that it would be easy to do the same for all files in a folder (question is if this should even be recursive). Digging into the history I found that the desktop file was added shortly before Kleopatra 2.0.0-rc1, but that there wasn't any code for iterating a folder, i.e. this can never have worked.

Details should be the first action (since it's likely the most often used action by people who don't know about double-click). And I'd move the "destructive actions" to the bottom. And there are way to many separators.

In T7502#198141, @ebo wrote:

Reminder: we have to keep in mind the workflow of the import of secret subkeys. Do we need different behavior conditional on "is primary key present" or not?

Okay. We now replace the standard Breeze icon of kleopatra with the red head for vsd and with a new blue head for gpd. The replacements are used for the About action and in the About dialog, but kwin (X11) insists on using the standard icon as window icon. And the system tray also shows the standard symbolic Breeze icon instead of the replacements. strace shows that the replacement icons embedded in the AppImage are loaded. No idea why kwin and the system tray still use the standard icons.

Kleopatra with Breeze style:

In T7515#198012, @alexk wrote:

Regarding the suggest list I would change the following:
but keep:

• Enable/Disable Certificate

I did a quick test with a test user running a Wayland session and the AppImage works now.

Daniel confused --list-options with --dump-options. The linked completion script uses the latter.

Needs to be tested/verified by other developers. In short you do

./autogen.sh
cd packages
./download.sh
cd ..
./build.sh --appimage --builddir=...

If you omit the --builddir=... option then ~/b/SRCDIRNAME-appimage will be used.

Building an AppImage including Kleopatra and Okular works now (again) in the gpg4win-5-branch.