Page MenuHome GnuPG
Projects vsd34

vsd34Project
ActivePublic
Watch Project

Milestones
View All

Members

  • This project does not have any members.
  • View All

Watchers

  • This project does not have any watchers.
  • View All

Recent Activity
View All

Today

ebo edited projects for T7707: Kleopatra: Unformatted fingerprints, added: gpd5x (gpd-5.0.0); removed gpd5x.
Tue, Jan 13, 12:53 PM · gpd5x (gpd-5.0.0), vsd34, kleopatra
ebo edited projects for T6117: Kleopatra: Make creation of S/MIME certificate signing request accessible, added: gpd5x (gpd-5.0.0); removed gpd5x.
Tue, Jan 13, 12:52 PM · gpd5x (gpd-5.0.0), a11y, vsd34, kleopatra
ebo edited projects for T7215: Improve UX of "subkey expiry change" window , added: gpd5x (gpd-5.0.0); removed gpd5x.
Tue, Jan 13, 12:52 PM · gpd5x (gpd-5.0.0), vsd34, kleopatra
ebo edited projects for T7394: Kleopatra: RSA-1024 is shown as "Unknown algorithm" in the certificate list , added: gpd5x (gpd-5.0.0); removed gpd5x.
Tue, Jan 13, 12:51 PM · gpd5x (gpd-5.0.0), vsd34, kleopatra
ebo edited projects for T7552: Kleopatra: Add search function to "configuration overview", added: gpd5x (gpd-5.0.0); removed gpd5x.
Tue, Jan 13, 12:50 PM · gpd5x (gpd-5.0.0), vsd34, kleopatra
ebo edited projects for T7558: Kleopatra: Show a certificate's comment field in certification dialog., added: gpd5x (gpd-5.0.0); removed gpd5x.
Tue, Jan 13, 12:50 PM · gpd5x (gpd-5.0.0), vsd34, kleopatra
ebo edited projects for T7602: Kleopatra: "Add ADSK" tooltip is long and doesn't wrap, added: gpd5x (gpd-5.0.0); removed gpd5x.
Tue, Jan 13, 12:49 PM · gpd5x (gpd-5.0.0), vsd34, kleopatra
ebo edited projects for T7612: Kleopatra: ignores its own language settings for the filter names, added: gpd5x (gpd-5.0.0); removed gpd5x.
Tue, Jan 13, 12:49 PM · gpd5x (gpd-5.0.0), vsd34, kleopatra
ebo edited projects for T7615: Kleopatra: Make completion of commands entered in GnuPG Configuration Overview dialog case-sensitive, added: gpd5x (gpd-5.0.0); removed gpd5x.
Tue, Jan 13, 12:49 PM · gpd5x (gpd-5.0.0), vsd34, kleopatra
ebo edited projects for T7644: Kleopatra: 'Show Audit Log' in signature verification needs two clicks to open, added: gpd5x (gpd-5.0.0); removed gpd5x.
Tue, Jan 13, 12:49 PM · gpd5x (gpd-5.0.0), vsd34, Bug Report, kleopatra
ebo edited projects for T7736: Pinentry: Show/hide button not accessible by keyboard, added: gpd5x (gpd-5.0.0); removed gpd5x.
Tue, Jan 13, 12:48 PM · gpd5x (gpd-5.0.0), vsd33 (vsd-3.3.3), vsd34, a11y, pinentry
ebo edited projects for T7739: pinentry/kleopatra: NVDA reads text multiple times, added: gpd5x (gpd-5.0.0); removed gpd5x.
Tue, Jan 13, 12:48 PM · gpd5x (gpd-5.0.0), vsd34, a11y, kleopatra
ebo edited projects for T7751: Kleopatra: Text field of notepad has no label/accessible name, added: gpd5x (gpd-5.0.0); removed gpd5x.
Tue, Jan 13, 12:48 PM · gpd5x (gpd-5.0.0), vsd34, a11y, kleopatra
ebo edited projects for T7752: Create default Shortcut for details, added: gpd5x (gpd-5.0.0); removed gpd5x.
Tue, Jan 13, 12:48 PM · gpd5x (gpd-5.0.0), kleopatra, vsd34, a11y
ebo edited projects for T7846: Kleopatra: Wrong focus/tab order in directory services configuration, added: gpd5x (gpd-5.0.0); removed gpd5x.
Tue, Jan 13, 12:47 PM · gpd5x (gpd-5.0.0), vsd34, a11y, kleopatra
ebo edited projects for T7834: gpgol one string not translated, added: gpd5x (gpd-5.0.0); removed gpd5x.
Tue, Jan 13, 12:47 PM · gpd5x (gpd-5.0.0), vsd34, i18n, gpgol
ebo edited projects for T7850: NVDA reads "X.509 Directory Services" twice, added: gpd5x (gpd-5.0.0); removed gpd5x.
Tue, Jan 13, 12:47 PM · gpd5x (gpd-5.0.0), kleopatra, vsd34, a11y
ebo edited projects for T7859: Kleopatra: Make a few lists and tables more accessible, added: gpd5x (gpd-5.0.0); removed gpd5x.
Tue, Jan 13, 12:47 PM · gpd5x (gpd-5.0.0), kleopatra, vsd34, a11y
ebo edited projects for T7854: NVDA speaks name of list view or tree view two or three times, added: gpd5x (gpd-5.0.0); removed gpd5x.
Tue, Jan 13, 12:47 PM · gpd5x (gpd-5.0.0), kleopatra, vsd34, a11y
ebo edited projects for T7868: Kleopatra: config check box for AllowMarkTrusted not functional , added: gpd5x (gpd-5.0.0); removed gpd5x.
Tue, Jan 13, 12:47 PM · gpd5x (gpd-5.0.0), vsd34, kleopatra
ebo edited projects for T7862: Kleopatra: No feedback by screen readers if no certificates are found on server lookup, added: gpd5x (gpd-5.0.0); removed gpd5x.
Tue, Jan 13, 12:47 PM · gpd5x (gpd-5.0.0), vsd34, a11y, kleopatra
ebo edited projects for T7890: Kleopatra: Icon sidebar in configuration dialog is missing an accessible name, added: gpd5x (gpd-5.0.0); removed gpd5x.
Tue, Jan 13, 12:46 PM · gpd5x (gpd-5.0.0), kleopatra, vsd34, a11y
ebo edited projects for T7971: Kleopatra: Always use gpgme to find the GnuPG binaries, added: gpd5x (gpd-5.0.0); removed gpd5x.
Tue, Jan 13, 12:46 PM · gpd5x (gpd-5.0.0), vsd34, kleopatra
ebo edited projects for T7963: Kleopatra: Group configuration reset when certificate details window is opened, added: gpd5x (gpd-5.0.0); removed gpd5x.
Tue, Jan 13, 12:46 PM · gpd5x (gpd-5.0.0), vsd34, Bug Report, vsd, kleopatra
ebo edited projects for T7355: Keyboard navigation inside the Notepad text editor, added: gpd5x (gpd-5.0.0); removed gpd5x.
Tue, Jan 13, 12:46 PM · gpd5x (gpd-5.0.0), vsd34, a11y, kleopatra
ebo edited projects for T7704: Kleopatra: Add option to start it as additional process, added: gpd5x (gpd-5.0.0); removed gpd5x.
Tue, Jan 13, 12:45 PM · gpd5x (gpd-5.0.0), vsd34, kleopatra
ebo edited projects for T7700: Kleopatra: Move kleopatrarc away from %LOCALAPPDATA%, added: gpd5x (gpd-5.0.0); removed gpd5x.
Tue, Jan 13, 12:45 PM · gpd5x (gpd-5.0.0), Feature Request, kleopatra, vsd34
ebo edited projects for T7827: Kleopatra: Add workaround for locking issue on key generation, added: gpd5x (gpd-5.0.0); removed gpd5x.
Tue, Jan 13, 12:45 PM · gpd5x (gpd-5.0.0), vsd33 (vsd-3.3.3), vsd34, kleopatra
ebo edited projects for T7863: Kleopatra: the certificate list is not refreshed at the end of the deletion of multiple secret keys , added: gpd5x (gpd-5.0.0); removed gpd5x.
Tue, Jan 13, 12:45 PM · gpd5x (gpd-5.0.0), vsd34, kleopatra
ebo edited projects for T7876: Kleopatra: Export of freshly generated key warns about missing userid certification, added: gpd5x (gpd-5.0.0); removed gpd5x.
Tue, Jan 13, 12:45 PM · gpd5x (gpd-5.0.0), vsd34, vsd33 (vsd-3.3.3), kleopatra
TobiasFella placed T7502: Kleopatra: Import secret key dialog improvement up for grabs.
Tue, Jan 13, 12:40 PM · vsd34, gpd5x, kleopatra
ebo edited projects for T7717: Location of qt-application config files, added: gpd5x (gpd-5.0.0); removed gpd5x.
Tue, Jan 13, 12:31 PM · gpd5x (gpd-5.0.0), Windows, kleopatra, vsd34, okular
ikloecker moved T8020: Kleopatra: Notepad should not show "signed" text if signature is bad from Backlog to WIP on the vsd34 board.

Backported for VSD 3.4

Tue, Jan 13, 12:10 PM · gpd5x, vsd34, kleopatra
ikloecker changed the status of T8020: Kleopatra: Notepad should not show "signed" text if signature is bad from Open to Testing.

Done. I've used the following script to create clear-signed test messages with good/bad signature signed with certificates with different validity and status (expired, revoked).

Tue, Jan 13, 11:54 AM · gpd5x, vsd34, kleopatra

Fri, Jan 9

werner moved T7866: Allow separate LDAP keyserver for uploading from QA to WIP on the gnupg26 board.
Fri, Jan 9, 3:50 PM · gnupg22, vsd34, LDAP, Feature Request, gnupg26
timegrid added a comment to T7866: Allow separate LDAP keyserver for uploading.

The behaviour might have changed a bit because of the ldap: prefix i use now, or i have missed this case the last time:
Given some cert on the "download" server, I can find it, if dirmngr.conf contains only the "download" server, or if the "download" server is listed first:

Fri, Jan 9, 2:17 PM · gnupg22, vsd34, LDAP, Feature Request, gnupg26
werner added a comment to T7866: Allow separate LDAP keyserver for uploading.

Independent of keyserver order in dirmngr.conf, --search-keys still offers keys from the upload server, but the download fails:

Fri, Jan 9, 1:35 PM · gnupg22, vsd34, LDAP, Feature Request, gnupg26
werner added a comment to T7866: Allow separate LDAP keyserver for uploading.

For "Although the upload server is used for upload, the gpg message still displays the first keyserver" see T8025

Fri, Jan 9, 1:28 PM · gnupg22, vsd34, LDAP, Feature Request, gnupg26
timegrid moved T7971: Kleopatra: Always use gpgme to find the GnuPG binaries from WIP to Done on the gpd5x board.

I assume, that testing the functionality is the only thing I can do here.

Fri, Jan 9, 11:30 AM · gpd5x (gpd-5.0.0), vsd34, kleopatra

Thu, Jan 8

ikloecker moved T8020: Kleopatra: Notepad should not show "signed" text if signature is bad from Backlog to WIP on the gpd5x board.
Thu, Jan 8, 5:12 PM · gpd5x, vsd34, kleopatra
timegrid moved T7717: Location of qt-application config files from WIP to Done on the gpd5x board.

Looks good to me on gpg4win-5.0.0-beta479 @ win11.

Thu, Jan 8, 12:15 PM · gpd5x (gpd-5.0.0), Windows, kleopatra, vsd34, okular
ebo updated the task description for T8022: Kleopatra: Add option to extract a tar.gpg archive directly into a given directory.
Thu, Jan 8, 11:08 AM · Feature Request, vsd34, gpd5x, gpgtar, kleopatra
ebo triaged T8022: Kleopatra: Add option to extract a tar.gpg archive directly into a given directory as Normal priority.
Thu, Jan 8, 10:37 AM · Feature Request, vsd34, gpd5x, gpgtar, kleopatra

Wed, Jan 7

ikloecker added a comment to T8020: Kleopatra: Notepad should not show "signed" text if signature is bad.

I have verified (by looking at QTextEdit's code) that, on paste, QTextEdit splits the text for the internal representation into lines and discards any CR and LF characters.

Wed, Jan 7, 4:02 PM · gpd5x, vsd34, kleopatra
ikloecker added a comment to T8020: Kleopatra: Notepad should not show "signed" text if signature is bad.

It turns out that Kleopatra's notepad converts the CR characters of the spoofed file to LF characters when pasting the text so that Kleopatra doesn't really verify the content of the spoofed file but different content. And this results in a bad signature. The confusing bit is that Kleopatra also says "Successfully verified the notepad" and that it shows the claimed-to-be-signed text although the signature is bad which could lead an inattentive user to the assumption that the signature of the displayed text was actually good (because "Successfully verified").

Wed, Jan 7, 3:33 PM · gpd5x, vsd34, kleopatra
ikloecker renamed T8020: Kleopatra: Notepad should not show "signed" text if signature is bad from Kleopatra: Notepad should only show signed part to Kleopatra: Notepad should not show "signed" text if signature is bad.
Wed, Jan 7, 3:24 PM · gpd5x, vsd34, kleopatra
alexk lowered the priority of T8020: Kleopatra: Notepad should not show "signed" text if signature is bad from Unbreak Now! to Normal.

There is always a warning about bad signature.

Wed, Jan 7, 3:14 PM · gpd5x, vsd34, kleopatra
werner added a comment to T8020: Kleopatra: Notepad should not show "signed" text if signature is bad.

I think we are all wrong here. We were tricked by the fact that regardless of the outcome of the signature verification the signed content is shown. That is surprising for a cleartext signature because that one can be viewed anyway. Thus I propose to not update the clipboard unless the signature checks out.

Wed, Jan 7, 3:08 PM · gpd5x, vsd34, kleopatra
werner added a comment to T8020: Kleopatra: Notepad should not show "signed" text if signature is bad.

I originally uploaded a wrong copy of the file. Now fixed; the correct checksum is 8d830a2dd7e1e14ecbc47b8cdc61d393e9d3f62c

Wed, Jan 7, 2:32 PM · gpd5x, vsd34, kleopatra
ikloecker added a comment to T8020: Kleopatra: Notepad should not show "signed" text if signature is bad.

On Linux, Kleopatra (master) with GnuPG 2.5 (master) shows a BAD signature. It shows the same output as running gpg --verify --output bla.txt in Konsole and pasting the file content (by maybe the copy paste changes some control characters). If I run gpg --verify --output bla.txt <payload.spoofed.asc then bla.txt also contains the same data.

Wed, Jan 7, 2:01 PM · gpd5x, vsd34, kleopatra