--quick-gen-key supports this but there is no general option; the 2 years are hard coded.

Sorry, we won't do that. Actually SHA-1 is still allowed when used in a KDF mechanism like S2K. OpenPGp is about Public Key cryptography and for that it is important to keep the keys safe. Protection the private key with a passaord is a failstop scheme which gives time to revoke the actual key and handle the compromise. When suing symmtric encryption (gpg -c) ist is strongly sutested to use a password with at least 128 bit entropy (e.g. by using our magic wand button). The S2K iteration is actually not needed in such a case.

Not a bug but a limitation of 2.2's option listing: In contrast to 2.3 we can't *show* the used options via gpgconf correcly if there is a conflict between global and local options. However, the actually *used* values are different and correct according to the config. In particular a global forced option overrides any local or command line option.

We should only allow this for v5. This way we get incentive to move forward. ed448 requires a newer version anyway and thus it is good to take this as an opportunity to also demand AEAD etc.

Thanks for the well written bug report and the fix.

I guess this is solved. Feel free to re-open and schedule for 2.2.34

Might be a TOR Thing?

FWIW: We need a DCO; see doc/HACKING.

No, too much release work. Better just one AppImage. Or well one VSD (based on 2.2) and one regular (based on 2.3)

I do not think that we should put any more support for FDs into gpgrt. The goal is to move entirely to the Win32 API.

Your item "2. Allow exporting multiple groups at the same time." is not really important. If you want to do that, please make sure that each group is exported to a separate file.

Please see T5696.

No autoreconf etc. Use only our method to cross build. That is $src/libgcrypt/autogen.sh --build-w32.

Here are the two test certificates mentioned in the commit log:

We could use a new mode #define GCRY_GET_CONFIG_FIPS 1 with gcry_get_config:

What is your Pinentry version, which OS is that, and which terminal type?

Can you given a example on how this would look like. In particulr are placeholders some kind of forced template or just a grey background text?

No, our admin left us and took all scripts and docs with him. We need to set it up again. You better use this system anyway, patches etc on GitHib are not used.

GnuPG requires a Unix system to build. We do not support building natively on Windows. Sorry.