Page MenuHome GnuPG

werner (Werner Koch)
EngineeringAdministrator

Projects

User Details

User Since
Mar 27 2017, 4:48 PM (389 w, 1 d)
Roles
Administrator
Availability
Busy Busy until Aug 19 2030.

Recent Activity

Today

werner committed rM09b694359ff5: doc: Update the texinfo version also on gpgme.texi changes. (authored by werner).
doc: Update the texinfo version also on gpgme.texi changes.
Tue, Sep 10, 4:58 PM
werner committed rM8e7f443045f8: doc: Provide a man page for gpgme-json. (authored by Sébastien Noel <sebastien@twolife.be>).
doc: Provide a man page for gpgme-json.
Tue, Sep 10, 4:58 PM
werner reopened T5079: Add compliance flag to trustlist.txt as "Open".

Given that we backported it to gnupg22 we should go ahead and implement that flag. For example: if the flag is set for any root CA we will show compliance only if that flag is set for the specific root CA. This way we can introduce this feature w/o too much backward incompatibility. We could also hide the feature behind a compatibility flag. There is no reason why we should not add the de-vs trustlist flag to our vsd configuraion files, right away.

Tue, Sep 10, 4:13 PM · gnupg24 (gnupg-2.4.1), Restricted Project, Feature Request

Yesterday

werner committed rMcd79fc39736f: core: New encryption flags GPGME_ENCRYPT_ADD_RECP and _CHG_RECP. (authored by werner).
core: New encryption flags GPGME_ENCRYPT_ADD_RECP and _CHG_RECP.
Mon, Sep 9, 5:49 PM
werner added a comment to T1825: Add a re-encrypt to additional key.

This has now been implemented for gnupg26 for public key encryption. However, symmetric key encryption, a man page, and the gpgme support are missing right now.

Mon, Sep 9, 4:51 PM · Restricted Project, gnupg24, Feature Request
werner committed rGd528d0b06533: gpg: New commands --add-recipients and --change-recipients. (authored by werner).
gpg: New commands --add-recipients and --change-recipients.
Mon, Sep 9, 4:48 PM
werner added a comment to T7287: libgpg-error:w32: Support setting an environment block encoded as UTF-8.

I'd vote for the second (utf-8) which is more aligned with our other APIs.

Mon, Sep 9, 4:10 PM · Bug Report, gpgrt
werner added a comment to T7287: libgpg-error:w32: Support setting an environment block encoded as UTF-8.

The environment is a property of the C runtime and well defined as a block of concatenated C-strings terminated by a zero length C-string. In case of wmain the C-strings use wchar_t and not char.

Mon, Sep 9, 7:47 AM · Bug Report, gpgrt

Sun, Sep 8

werner added projects to T7288: gpg is not properly handling IPGP entries: gnupg, dirmngr, dns.
Sun, Sep 8, 9:48 AM · dns, dirmngr, gnupg, Bug Report

Fri, Sep 6

werner committed rG2cc340eca04d: gpg: Improve detection of input data read errors. (authored by werner).
gpg: Improve detection of input data read errors.
Fri, Sep 6, 4:10 PM
werner committed rG9a741aba3d90: gpg: Make --no-literal work again for -c and --store. (authored by werner).
gpg: Make --no-literal work again for -c and --store.
Fri, Sep 6, 4:10 PM
werner committed rG1e2515726676: gpg: remove workaround for Libgcrypt < 1.8.6 (authored by werner).
gpg: remove workaround for Libgcrypt < 1.8.6
Fri, Sep 6, 4:10 PM
werner committed rG1eaf1e236e60: gpg: Simplify the pubkey_enc_list object (authored by werner).
gpg: Simplify the pubkey_enc_list object
Fri, Sep 6, 4:10 PM
werner reopened T6528: gpg: No error status when encrypting to full disk as "Open".

We should re-test this for gnupg26

Fri, Sep 6, 4:09 PM · gnupg22 (gnupg-2.2.42), gnupg24 (gnupg-2.4.3), Restricted Project
werner added a comment to T7287: libgpg-error:w32: Support setting an environment block encoded as UTF-8.

The problem might be that we use getenv all over the place and don't specify the content. Frankly, it is not 100% clear to me whether the value of an enbvar need to be a string or can be arbitrary data sans nul? However, I can't remember that I ever wrote any code which did not assume ascii or utf8 for the value.

Fri, Sep 6, 9:06 AM · Bug Report, gpgrt

Thu, Sep 5

werner triaged T7286: Add --assert-signer also to gpgsm as Normal priority.
Thu, Sep 5, 9:41 AM · Feature Request, gnupg26

Wed, Sep 4

werner reopened T4060: Add ability to mark critical notations as "recognized" during signature verification as "Open".

We need a way to pass --known-notation to gpgme_op_verify

Wed, Sep 4, 11:08 AM · gpgme, gnupg (gpg22), Feature Request
werner added a comment to T7284: `--expert --full-generate-key` | Inconsistencies regarding capabilities presented for selection .

I asked you to write to the mailing list instead of filing a bug report. A mailing list has a far wider audience than a single bug report. Our bug tracker is not a help forum or a place to ask questions.

Wed, Sep 4, 9:26 AM

Tue, Sep 3

werner committed rGaac5a8f0083d: gpgconf: Add missing linefeed to the -X output. (authored by werner).
gpgconf: Add missing linefeed to the -X output.
Tue, Sep 3, 11:17 AM
werner committed rGf7f939234ba3: gpgconf: Add missing linefeed to the -X output. (authored by werner).
gpgconf: Add missing linefeed to the -X output.
Tue, Sep 3, 11:15 AM
werner committed rG95468f531c3b: agent: Fix KEYTOCARD for the use case with loopback pinentry. (authored by gniibe).
agent: Fix KEYTOCARD for the use case with loopback pinentry.
Tue, Sep 3, 11:14 AM
werner committed rG67088b1ce248: gpgconf: Add missing linefeed to the -X output. (authored by werner).
gpgconf: Add missing linefeed to the -X output.
Tue, Sep 3, 11:14 AM
werner committed rG5a1bf7e5524e: agent: Fix KEYTOCARD for the use case with loopback pinentry. (authored by gniibe).
agent: Fix KEYTOCARD for the use case with loopback pinentry.
Tue, Sep 3, 11:12 AM
werner edited projects for T7283: Odd "gpg: KEYTOCARD failed: Invalid time" error when using `--pinentry-mode=loopback`, added: gpgagent; removed Info Needed.
Tue, Sep 3, 11:07 AM · gpgagent, Bug Report
werner awarded T7283: Odd "gpg: KEYTOCARD failed: Invalid time" error when using `--pinentry-mode=loopback` a Pterodactyl token.
Tue, Sep 3, 11:02 AM · gpgagent, Bug Report

Mon, Sep 2

werner triaged T7272: Kleopatra: Look up missing OpenPGP certificates for card keys as Normal priority.
Mon, Sep 2, 5:05 PM · kleopatra, Restricted Project
werner renamed T7274: Kleopatra: General error on import + certify with revoked and valid UID from Kleopatra: General error on import + certify to Kleopatra: General error on import + certify with revoked and valid UID.
Mon, Sep 2, 5:04 PM · Bug Report, kleopatra, Restricted Project
werner triaged T7274: Kleopatra: General error on import + certify with revoked and valid UID as Normal priority.
Mon, Sep 2, 5:03 PM · Bug Report, kleopatra, Restricted Project
werner triaged T7280: Kleopatra: an email containing capital letters is displayed under “name”. as Normal priority.
Mon, Sep 2, 5:03 PM · vsd33, Restricted Project, kleopatra
werner added a project to T7283: Odd "gpg: KEYTOCARD failed: Invalid time" error when using `--pinentry-mode=loopback`: Info Needed.
Mon, Sep 2, 5:02 PM · gpgagent, Bug Report
werner added a comment to T6395: ADSK Feature .

FWIW: the encryption part of the ADSK feature has been released with

Mon, Sep 2, 5:00 PM · gnupg22 (gnupg-2.2.42), gnupg24 (gnupg-2.4.1), OpenPGP
werner updated the task description for T6280: Release GnuPG 2.2.41.
Mon, Sep 2, 4:30 PM · gnupg22, Release Info
werner updated the task description for T6280: Release GnuPG 2.2.41.
Mon, Sep 2, 4:29 PM · gnupg22, Release Info
werner committed rC841ccd96e1a5: doc: Update an URL hint in the configure script. (authored by werner).
doc: Update an URL hint in the configure script.
Mon, Sep 2, 1:52 PM
werner closed T7278: Documentation update needed to reflect the shut-down of this organization's FTP server as Resolved.
Mon, Sep 2, 1:42 PM · Documentation
werner triaged T7278: Documentation update needed to reflect the shut-down of this organization's FTP server as Wishlist priority.

Will be updated eventually. Thanks for reporting.

Mon, Sep 2, 1:40 PM · Documentation
werner added a project to T7281: Build error with python3-setuptools 73.0.1: Debian.
Mon, Sep 2, 1:39 PM · Debian, gpgme, Bug Report
werner triaged T7281: Build error with python3-setuptools 73.0.1 as Normal priority.
Mon, Sep 2, 1:39 PM · Debian, gpgme, Bug Report
werner closed T7284: `--expert --full-generate-key` | Inconsistencies regarding capabilities presented for selection as Invalid.

Please use the mailing list for such questions.

Mon, Sep 2, 1:37 PM
werner edited Description on gnupg24 (gnupg-2.4.5).
Mon, Sep 2, 1:36 PM
werner added a comment to T7283: Odd "gpg: KEYTOCARD failed: Invalid time" error when using `--pinentry-mode=loopback`.

y38k problems with some frontends are known for some 32 bit platforms.

Mon, Sep 2, 10:41 AM · gpgagent, Bug Report
werner closed T7282: Omitted check-test operations while building from source as Resolved.

Use --large-data-tests with configure and go out for a real long lunch

Mon, Sep 2, 10:38 AM · Support, libgcrypt

Fri, Aug 30

werner closed T2362: pretty printing time left to expiration as Wontfix.
Fri, Aug 30, 11:13 AM · gnupg, Feature Request

Thu, Aug 29

werner committed rG05be36720d67: tests: Add two plaintext test mails (authored by werner).
tests: Add two plaintext test mails
Thu, Aug 29, 7:35 PM
werner committed rG4511997e9e1b: gpg-mail-tube: New feature --as-attach. (authored by werner).
gpg-mail-tube: New feature --as-attach.
Thu, Aug 29, 5:46 PM
werner committed rG80bd49224e0d: doc: Minor fix for the description of gpg's --default-*-expire (authored by werner).
doc: Minor fix for the description of gpg's --default-*-expire
Thu, Aug 29, 5:46 PM
werner committed rGac3044986732: tools: Improve rfc822parse to allow access to headers for longer. (authored by werner).
tools: Improve rfc822parse to allow access to headers for longer.
Thu, Aug 29, 5:46 PM

Wed, Aug 28

werner added a project to T6690: Allow scdaemon to run as a system service: AppImage.

So we need a way to launch scdaemon via userv and make sure that the scdaemon user gives proper permissions to its socket file. gpg-agent also nees to check for a proper version of scdaemon and gpgme needs to be aware of this as well (if it want to directly connect to scdaemon).

Wed, Aug 28, 4:41 PM · AppImage, Feature Request, scd, gnupg26
werner created vsd32 (vsd-3.2.3).
Wed, Aug 28, 11:48 AM
werner committed rG1ea66b6df3ce: doc: Explain why we use D-Lines for keyboxd communication. (authored by werner).
doc: Explain why we use D-Lines for keyboxd communication.
Wed, Aug 28, 10:11 AM
werner added a comment to T7224: Kleopatra: broken in Testversion beta-41.

T6512 is only for gnupg26. In gnupg24 we don't use fd-passing.

Wed, Aug 28, 10:10 AM · Bug Report, kleopatra, Restricted Project

Tue, Aug 27

werner committed rOdd03494d4579: po: Run msgmerge (authored by werner).
po: Run msgmerge
Tue, Aug 27, 1:44 PM
werner committed rOba44c364c895: po: Update German translation (authored by werner).
po: Update German translation
Tue, Aug 27, 1:44 PM
werner committed rObfa49052fe26: Typo fix and translate strings from attachments.cpp. (authored by werner).
Typo fix and translate strings from attachments.cpp.
Tue, Aug 27, 1:44 PM
werner committed rG8896bbd0f99c: gpg: Switch Kyber to the final algo id and add it to the menu. (authored by werner).
gpg: Switch Kyber to the final algo id and add it to the menu.
Tue, Aug 27, 11:08 AM
werner added a project to T7258: Kleopatra: Limit the maximum column size when fitting the columns to their content: vsd33.
Tue, Aug 27, 9:20 AM · vsd33, kleopatra, Restricted Project
werner triaged T7258: Kleopatra: Limit the maximum column size when fitting the columns to their content as Normal priority.
Tue, Aug 27, 9:20 AM · vsd33, kleopatra, Restricted Project
werner triaged T7260: Kleopatra: Show certificate as VS-NfD compliant even if it has additional not compliant authentication subkeys as Normal priority.
Tue, Aug 27, 9:19 AM · vsd33, kleopatra, Restricted Project
werner added a subtask for T7040: Make it possible to install GnuPG VSD and GPD in parallel: T6799: Kleopatra configuration files in wrong places.
Tue, Aug 27, 9:17 AM · vsd33, kleopatra, Restricted Project
werner added a parent task for T6799: Kleopatra configuration files in wrong places: T7040: Make it possible to install GnuPG VSD and GPD in parallel.
Tue, Aug 27, 9:17 AM · vsd33, kleopatra, Restricted Project
werner raised the priority of T7040: Make it possible to install GnuPG VSD and GPD in parallel from Normal to High.
Tue, Aug 27, 9:14 AM · vsd33, kleopatra, Restricted Project

Sat, Aug 24

werner closed T7271: clarify tar format of gpgtar in documentation as Resolved.

gpgtar is compatible to PGP Desktop's format which they call ZIP. This is technically ustar with the most common extensions. Don't let us go into yet another TAR format discussion.

Sat, Aug 24, 3:07 PM · FAQ, gpgtar, Documentation

Fri, Aug 23

werner committed rM37aa9eee7c56: New context flag "proc-all-sigs". (authored by werner).
New context flag "proc-all-sigs".
Fri, Aug 23, 3:10 PM
werner shifted T7269: Attachments vanish from forward encrypted message from the Restricted Space space to the S1 Public space.
Fri, Aug 23, 2:33 PM · Restricted Project, Feature Request, gpgol
werner triaged T7269: Attachments vanish from forward encrypted message as Normal priority.
Fri, Aug 23, 2:32 PM · Restricted Project, Feature Request, gpgol
werner added a comment to T7261: Option to process all signatures in --batch mode.

Also added a new gpgme context flag "proc-all-sigs" and a --porc-all-sigs option to gpgme's run-verify.c tool.

Fri, Aug 23, 2:31 PM · gnupg22 (gnupg-2.2.45), Feature Request, Restricted Project
werner moved T7261: Option to process all signatures in --batch mode from QA to gnupg-2.2.45 on the gnupg22 board.
Fri, Aug 23, 11:53 AM · gnupg22 (gnupg-2.2.45), Feature Request, Restricted Project
werner archived gnupg22 (gnupg-2.2.43).
Fri, Aug 23, 11:53 AM
werner created gnupg22 (gnupg-2.2.45).
Fri, Aug 23, 11:53 AM
werner committed rG5276a1373c8a: gpg: New option --proc-all-sigs (authored by werner).
gpg: New option --proc-all-sigs
Fri, Aug 23, 11:52 AM
werner closed T7261: Option to process all signatures in --batch mode as Resolved.

The new option `--proc-all-sigs' will be available in 2.5.1, 2.4.6, and 2.2.45.

Fri, Aug 23, 11:51 AM · gnupg22 (gnupg-2.2.45), Feature Request, Restricted Project
werner closed T7261: Option to process all signatures in --batch mode, a subtask of T6870: Kleopatra: Improve representation of signature verification result in case of multiple signatures, as Resolved.
Fri, Aug 23, 11:51 AM · Restricted Project, kleopatra
werner committed rGcb739bb2a579: gpg: New option --proc-all-sigs (authored by werner).
gpg: New option --proc-all-sigs
Fri, Aug 23, 11:45 AM
werner renamed T7261: Option to process all signatures in --batch mode from Option to process al signatures in --batch mode to Option to process all signatures in --batch mode.
Fri, Aug 23, 11:36 AM · gnupg22 (gnupg-2.2.45), Feature Request, Restricted Project
werner committed rG1eb382fb1f43: gpg: New option --proc-all-sigs (authored by werner).
gpg: New option --proc-all-sigs
Fri, Aug 23, 11:36 AM
werner committed rG92667aa8c208: gpg: Warn if a keyring is specified along with --use-keyboxd. (authored by werner).
gpg: Warn if a keyring is specified along with --use-keyboxd.
Fri, Aug 23, 9:21 AM
werner closed T7265: When "use_keyboxd" is configured --keyring option is ignored? as Resolved.

Good idea. Done for master and gnupg24

Fri, Aug 23, 9:19 AM · keyboxd, gnupg, FAQ, Support
werner committed rG3171ca9b949b: gpg: Warn if a keyring is specified along with --use-keyboxd. (authored by werner).
gpg: Warn if a keyring is specified along with --use-keyboxd.
Fri, Aug 23, 9:19 AM

Thu, Aug 22

werner committed rG41b06b5579f2: common: Do not call the agent with the obsolete --use-standard-socket. (authored by werner).
common: Do not call the agent with the obsolete --use-standard-socket.
Thu, Aug 22, 6:32 PM
werner committed rOJ329754f1867e: Add a rough description of files and directories (authored by werner).
Add a rough description of files and directories
Thu, Aug 22, 12:56 PM
werner edited projects for T7265: When "use_keyboxd" is configured --keyring option is ignored?, added: Support, FAQ, gnupg, keyboxd; removed Bug Report.

The --keyring option is deprecated and does not work at all if the keyboxd is used. This is the default for a new GnuPG 2.4 installation.

Thu, Aug 22, 10:29 AM · keyboxd, gnupg, FAQ, Support

Wed, Aug 21

werner added a comment to T7260: Kleopatra: Show certificate as VS-NfD compliant even if it has additional not compliant authentication subkeys.

Answer in non #dkgmode: Seems I don't need to evaluate the details then. However, excluding auth only keys should be a no-brainer.

Wed, Aug 21, 7:09 PM · vsd33, kleopatra, Restricted Project
werner added a comment to rO3a1614bf140c: Revert "Set missing filename to rfc822_email.eml...

Most users are able to read and in particular to answer the question: Do you see the text "rfc822-email"? Try to ask them whether they see a white box somewhere. Nearly impossible w/o a screenshot and even then you get wrong answers. The whole issue is about helping our support people. YMMV

Wed, Aug 21, 5:42 PM
werner added a comment to rO3a1614bf140c: Revert "Set missing filename to rfc822_email.eml...

Having a filename even for a bad or empty attachment is a Good Thing™ for the support desk. I also see no regression risk here.

Wed, Aug 21, 4:02 PM
werner triaged T7263: Extend LDAP scheme to allow distribution of Kleopatra groups as Low priority.
Wed, Aug 21, 1:49 PM · Restricted Project, gnupg26, dirmngr
werner closed T3392: keyserver default should include pool onionbalance hkp://jirk5u4osbsr34t5.onion as Resolved.
Wed, Aug 21, 1:45 PM · Too Old, Keyserver, Feature Request, dirmngr
werner committed rO20f8e69972c0: Update NEWS. (authored by werner).
Update NEWS.
Wed, Aug 21, 12:54 PM
werner added a comment to T7260: Kleopatra: Show certificate as VS-NfD compliant even if it has additional not compliant authentication subkeys.

I need to evaluate this. However, what we can can do already now is to ignore all Auth keys - they don't matter at all and it is pretty convenient to have Brainpool primary and encryption subkey but an ed25519 auth subkey on a card. That is because ssh does not support Brainpool. We show such a key (i.e. Yubikey) as compliant.

Wed, Aug 21, 11:28 AM · vsd33, kleopatra, Restricted Project
werner committed rGa891e55f15a3: w32: Add two more registry entries for use with -X (authored by werner).
w32: Add two more registry entries for use with -X
Wed, Aug 21, 11:27 AM
werner renamed T7259: Kleopatra: Kwatchgnupg must not modify conf files from Draft: Kleopatra: Kwatchgnupg issue to Kleopatra: Kwatchgnupg must not modify conf files.
Wed, Aug 21, 9:11 AM · Bug Report, kleopatra
werner raised the priority of T7259: Kleopatra: Kwatchgnupg must not modify conf files from Wishlist to Normal.

Please remove the any configuration file changes from kwatchgnupg. That is not a good idea. Launching kwatchgnupg is
a debugging aid and not a regular operation and thus the user can also enable debugging selectively with kleopatra.
kwatchgnupg should listen on the standard socket socket:// - for Windows we don't yet need it because there we don't have sockets anyway. Or well, eventually we will have same but that requires work in watchgnupg and gpgrt for the logging stuff.

Wed, Aug 21, 9:10 AM · Bug Report, kleopatra
werner committed rC4e7d49525793: w32: Improve versioninfo (authored by werner).
w32: Improve versioninfo
Wed, Aug 21, 9:01 AM
werner committed rCc51151f5b0b3: Return a proper error code on malloc failure in hex2buffer. (authored by werner).
Return a proper error code on malloc failure in hex2buffer.
Wed, Aug 21, 9:01 AM
werner closed T7087: Release GnuPG 2.2.44 as Resolved.
Wed, Aug 21, 8:56 AM · gnupg22, Release Info
werner triaged T7262: gpgme: Move C++ bindings, Qt bindings and Python bindings to separate git repositories as High priority.
Wed, Aug 21, 8:47 AM · Restricted Project, gpgme

Tue, Aug 20

werner triaged T7261: Option to process all signatures in --batch mode as High priority.
Tue, Aug 20, 4:37 PM · gnupg22 (gnupg-2.2.45), Feature Request, Restricted Project
werner committed rDa2fa53753e72: web: Announce that the FTP server has been shutdown (authored by werner).
web: Announce that the FTP server has been shutdown
Tue, Aug 20, 3:12 PM
werner added a comment to T7110: Distribute the GpgME bindings separately from GpgME.

Okay. Let us split it into different tarballs and repos. We will bump the gpgme core version to 2.0 to indicate this split despite that there will be non-ABI/API incompatibility. C++, Qt, Python will then go into separate projects. The old common List stuff will be kept in gpgme core for now. The gpgme core sticks with autoconf stuff but for C++ and Qt cmake style will be used instead.

Tue, Aug 20, 2:32 PM · gpgme, Restricted Project

Mon, Aug 19

werner committed rG60c541f5880e: doc: Remove included yat2m and build HTML versions of the man pages. (authored by werner).
doc: Remove included yat2m and build HTML versions of the man pages.
Mon, Aug 19, 1:58 PM
werner added a comment to T6354: All VSD and GPD binaries need a proper product name on Windows..

Okay, I see now that this is US-English and Unicode.

Mon, Aug 19, 11:47 AM · vsd33, vsd, kleopatra, Restricted Project, gpd