We already have an initialization function in gpgrt which is thread-safe at least if used as a DLL. Maybe move the check to there.

I would suggest to use something like "Kyber 768 + brainpool P 256" because parentheses might be interpreted tha this is an alias for Kyber,

Please always add -v t commands like "gpg --decrypt test.txt.gpg". To decide whether this is smartcard or gpg-agent releated, I need to see a log file form gpg-agent and scdaemon. The latter is more important. I would suggest "debug ipc,app,cardio"

That works using a gpgconf.ctl file side by side to gpgconf{,.exe}

Regarding 64bit handles https://learn.microsoft.com/en-us/windows/win32/winprog64/interprocess-communication
tells us:

This seems to be a good opportunity to replace paperkey with a new tool to take advantage of the smaller ECC keys which allow us to re-generate most stuff.

After discussion with Ingo and others it seems that separate Kleo processes per GNUPGHOME would confuse more users than being helpful for power users. Considering the use case of gpgpass the conclusion was to add an option to Kleo which allows to start is as a certificate manager without doing the UniqueApplicaiton thing and also entirely quit after closing the window.

But we have the same problems on Unix as described by T7699. (funny, the other bug mentioned above has 76 reversed)

That is not Windows specific. They should end up in %GNUPGHOME%/kleopatra/

What about including the output of

secp256k1 is an --expert option and not supported by other *PGP
implementations. We should actually hide this thing even more and not
even display it with --expert. Thus do no expect an immediate 2.5.9
release to fix this issue.

In case of problems with token based cv25519 key, please update to 2.5.8.

iirc we introduced sysconf (_SC_OPEN_MAX) for non-linux platforms and that fixed real world problems. What about getting this value at module initialization time and keep on using it as a fallback?

After several gpg4win-5 betas be can set this task to resolved.

I claim this resolved given several gpg4win-5 betas.

I claim this resolved given that we had several gpg4win-5 betas and no reported problems was related to this.

The actual project we had in mind for this was more or less canceled and thus I re-prioritize this task.

Reminder mostly to self: This is about the KDF parameters. In the light of PQC composite algorithms we may want to also prepare for PQC required stuff.

There should be a workaround by using

This was release with 2.5.7.

Funny old bug which shows up only if you don't have any keyserver configured. Note the FIXME in the commit ;-)

The question is whether any part of Qt/KF6/MTP forks another process and does not do it correctly. For example it is required that the child figures out the fds to close and then closes them and does not rely here on the parent.

Do you start other process while this context is in use? If you do a fork, you need to make sure that all file descriptors are closed. How is that done?