Thu, Oct 2
Wed, Sep 24
ECC support for X.509 and in particular pkcs#12 format is limited. That is in general not a problem because such certificates are stored on a token and not on disk.
Also implemented for 2.2
Will be backported after 2.2.49
Tested with VS-Desktop-3.3.90.12-Beta
Tue, Sep 23
2.2 test can be done with GnuPG-VS-Desktop-3.3.90.12-Beta-Standard.msi from Sep 17
Wed, Sep 17
Tue, Sep 16
Backported to 2.2 but not yes tested with 2.2
Tue, Sep 9
Sep 3 2025
In contrast to gnupg22 master did not proper show OCB compliance - not everything has yet been forward ported. But we can do so now and test master by setting GNUPG_ASSUME_COMPLIANCE=de-vs
Sep 2 2025
Aug 29 2025
re 1: Only if the option --auto-key-upload is used/configured.
re 2: Do not configure --auto-key-upload but give it on the command line.
re 3: Do not use --auto-key-upload - maybe I should add a --no-auto-key-upload option.
Aug 28 2025
Hi
I have some questions about the "auto-key-upload: If an LDAP keyserver is configured (in dirmngr), upload a newly created key directly to that server" feature:
- If an LDAP keyserver is configured, will every newly created key be uploaded? Is this upload behavior enabled by default?
- Even with an LDAP keyserver configured, what if we don’t want to upload by default? If we prefer manual approval or want to upload only a specific subkey, how should we handle that?
- What about keys created for testing, temporary use, or personal privacy-sensitive purposes that we don’t want others to discover?
People who use GPG tend to care deeply about privacy and don’t want to upload or expose unnecessary information.
Aug 7 2025
Aug 4 2025
Aug 1 2025
There is a new --keyserver-option update-before-send which is enabled by default.
Jan 6 2025
it would be best to add an API to gpgrt to iterate over registry entries.
Dec 5 2024
A workaround exists with the new option --ignore-crl-extensions.
Nov 21 2024
Perfect, thank you!
[GNUPG:] BEGIN_DECRYPTION [GNUPG:] DECRYPTION_INFO 0 9 0 [GNUPG:] PLAINTEXT 62 1732178872 [GNUPG:] PLAINTEXT_LENGTH 72 You will be advanced socially, without any special effort on your part. [GNUPG:] DECRYPTION_OKAY
You are right. Printing the algo was missing in gnupg22.
Nov 12 2024
Nov 8 2024
For Beta-75 it looks similar judging from my first tries.
Nov 7 2024
I managed to get the same "loading certificate" message several times in a row on this test instance by stopping and starting Kleopatra in a row twice. After removing the Signature Card 2.0 this did not happen again in 5-6 tries, although I collected 2 lingering listing processes again (not both started on the same startup). Even import of a X.509 certificate worked.
Next I managed to have one gpg and one gpgsm process each left over from the last execution of Kleopatra.
After starting Kleopatra new anyway, again "loading certificate cache" and an additional pair of gpg and gpgsm listing processes start.
Had a occurrence of the never ending "loading certificate cache" issue again.
There was a leftover gpgsm process from the previous tests (although Kleopatra warned when I closed it, that processes still running in the background were there and would be aborted).
Nov 4 2024
Nov 2 2024
Nov 1 2024
@ebo Thank you for your continuous testing.
Oct 31 2024
Unfortunately, this seems not to have ended the sporadic hangs.
I just saw a hanging initial keylisting with gpg4win-beta-70 which has gpg 2.4.6
My fault: All my test had the relax flag set which is so common to me that I did not thought about this. So you fix is for the case that no flag has been set for a fingerprint.