Page MenuHome GnuPG
Projects S/MIME

S/MIMEProject
ActivePublic
Watch Project

Members

  • This project does not have any members.
  • View All

Watchers

  • This project does not have any watchers.
  • View All

Recent Activity
View All

Thu, Oct 9

ebo added a comment to T7836: GpgOL: Activate "Prefer S/MIME" does not work.

Might this be related to T4953?

Thu, Oct 9, 5:02 PM · S/MIME, vsd34, vsd, gpgol
ebo moved T7837: GpgOL: Saving S/MIME encrypted draft with S/MIME disabled freezes Outlook from Backlog to Done on the gpgol board.
Thu, Oct 9, 10:56 AM · S/MIME, vsd34, vsd, gpgol
mmontkowski triaged T7837: GpgOL: Saving S/MIME encrypted draft with S/MIME disabled freezes Outlook as Normal priority.
Thu, Oct 9, 10:15 AM · S/MIME, vsd34, vsd, gpgol
mmontkowski changed the status of T7837: GpgOL: Saving S/MIME encrypted draft with S/MIME disabled freezes Outlook from Open to Testing.
Thu, Oct 9, 10:14 AM · S/MIME, vsd34, vsd, gpgol
ebo moved T7836: GpgOL: Activate "Prefer S/MIME" does not work from Backlog to Triage on the gpgol board.
Thu, Oct 9, 9:37 AM · S/MIME, vsd34, vsd, gpgol
ebo renamed T7836: GpgOL: Activate "Prefer S/MIME" does not work from GpgOL: Activate/Prefer S/MIME does not work to GpgOL: Activate "Prefer S/MIME" does not work.
Thu, Oct 9, 9:36 AM · S/MIME, vsd34, vsd, gpgol
ebo triaged T7841: GpgOL: Concurrent access to S/MIME encrypted mail creates versions as Low priority.
Thu, Oct 9, 9:25 AM · S/MIME, vsd34, vsd, gpgol

Mon, Oct 6

werner reopened T7837: GpgOL: Saving S/MIME encrypted draft with S/MIME disabled freezes Outlook as "Open".

(auto resolved due to the keyword "resolved" in the commit message)

Mon, Oct 6, 3:36 PM · S/MIME, vsd34, vsd, gpgol
mmontkowski closed T7837: GpgOL: Saving S/MIME encrypted draft with S/MIME disabled freezes Outlook as Resolved.

The window was not reenabled on failure

Mon, Oct 6, 2:06 PM · S/MIME, vsd34, vsd, gpgol

Thu, Oct 2

timegrid created T7841: GpgOL: Concurrent access to S/MIME encrypted mail creates versions.
Thu, Oct 2, 3:13 PM · S/MIME, vsd34, vsd, gpgol
timegrid added a comment to T7836: GpgOL: Activate "Prefer S/MIME" does not work.

I just found out, that Drafts are not S/MIME encrypted, if

  • draft encryption is activated and set to a S/MIME cert
  • S/MIME is enabled
  • S/MIME is not prefered
Thu, Oct 2, 2:09 PM · S/MIME, vsd34, vsd, gpgol
timegrid added a project to T7836: GpgOL: Activate "Prefer S/MIME" does not work: S/MIME.
Thu, Oct 2, 1:14 PM · S/MIME, vsd34, vsd, gpgol
timegrid added a comment to T7837: GpgOL: Saving S/MIME encrypted draft with S/MIME disabled freezes Outlook.

Note: I also activated Sign/Encrypt by default, if that matters

Thu, Oct 2, 1:14 PM · S/MIME, vsd34, vsd, gpgol
timegrid created T7837: GpgOL: Saving S/MIME encrypted draft with S/MIME disabled freezes Outlook.
Thu, Oct 2, 1:12 PM · S/MIME, vsd34, vsd, gpgol

Wed, Sep 24

werner triaged T7819: Export of secret S/MIME key with brainpool fails (error converting key parameters) as Wishlist priority.

ECC support for X.509 and in particular pkcs#12 format is limited. That is in general not a problem because such certificates are stored on a token and not on disk.

Wed, Sep 24, 6:21 PM · vsd, S/MIME, gnupg22
timegrid created T7819: Export of secret S/MIME key with brainpool fails (error converting key parameters).
Wed, Sep 24, 1:17 PM · vsd, S/MIME, gnupg22

Aug 27 2025

werner lowered the priority of T7618: gpgsm: Allow selecting keys by SHA2 fpr from Normal to Wishlist.

The problem here is that we don't have the sha-2 fingerprint in our SQL tables. Thus we would not only need to do a full table search but also parse the actual blob to compute the sha-2 fingerprint.

Aug 27 2025, 4:14 PM · S/MIME, gnupg26, Feature Request
werner lowered the priority of T6678: GPGSM: Add support for cert extension 2.5.29.54 Inhibit anyPolicy from Normal to Wishlist.
Aug 27 2025, 4:04 PM · gnupg26, S/MIME, Restricted Project
werner closed T7713: Allow to skip the qualified signature confirmation prompt as Resolved.

I have done testing using my QES certificate with all combinations of the two options.

Aug 27 2025, 12:02 PM · S/MIME, Feature Request, gnupg26

Jul 25 2025

werner closed T7738: The trustlist's qual flag is not cached correctly by gpgsm as Resolved.

Fixed for gnupg22 and gnupg26

Jul 25 2025, 5:29 PM · S/MIME, gnupg

Jul 24 2025

werner added a comment to T7738: The trustlist's qual flag is not cached correctly by gpgsm.

This does not happen with gnupg24 because the cache has not been implemented there.

Jul 24 2025, 12:33 PM · S/MIME, gnupg
werner triaged T7738: The trustlist's qual flag is not cached correctly by gpgsm as Normal priority.
Jul 24 2025, 12:22 PM · S/MIME, gnupg

Jul 2 2025

werner triaged T7713: Allow to skip the qualified signature confirmation prompt as Normal priority.
Jul 2 2025, 11:41 AM · S/MIME, Feature Request, gnupg26

May 13 2025

werner closed T7171: Allow for empty Subject in X.509 as Resolved.
May 13 2025, 3:21 PM · libksba, Bug Report, gnupg, S/MIME
werner closed T6941: gpgsm/dirmngr: support for end-entity certificates with an empty "Subject DN", a subtask of T7171: Allow for empty Subject in X.509, as Resolved.
May 13 2025, 3:00 PM · libksba, Bug Report, gnupg, S/MIME
werner closed T6941: gpgsm/dirmngr: support for end-entity certificates with an empty "Subject DN" as Resolved.

Meanwhile we have some support for an empty subject but gpgsm still prints an error notice. See the T7171 for more.

May 13 2025, 3:00 PM · gnupg26, S/MIME, Feature Request
werner added a subtask for T7171: Allow for empty Subject in X.509: T6941: gpgsm/dirmngr: support for end-entity certificates with an empty "Subject DN".
May 13 2025, 2:58 PM · libksba, Bug Report, gnupg, S/MIME
werner added a parent task for T6941: gpgsm/dirmngr: support for end-entity certificates with an empty "Subject DN": T7171: Allow for empty Subject in X.509.
May 13 2025, 2:58 PM · gnupg26, S/MIME, Feature Request

Apr 22 2025

werner triaged T7618: gpgsm: Allow selecting keys by SHA2 fpr as Normal priority.

BTW, fingerprints for X.509 are not well defined because you get a different one when changing the *unsigned" attributes. Not a common case but one should be aware of it.

Apr 22 2025, 9:33 AM · S/MIME, gnupg26, Feature Request

Feb 18 2025

ebo moved T6559: GPGSM: "always trust like override" or "force" option from Backlog to Done on the gpgol board.
Feb 18 2025, 2:46 PM · gnupg24 (gnupg-2.4.4), gpgme (gpgme 1.23.x), gnupg22 (gnupg-2.2.42), Feature Request, gpgol, S/MIME, kleopatra, Restricted Project

Jan 24 2025

werner triaged T7487: libksba/gpgsm: support for RSA-PSS signatures made with a maximum saltLength value as Wishlist priority.

If you encounter real world certificates with these parameters we can bump up the priority.

Jan 24 2025, 11:08 AM · gnupg, S/MIME, Feature Request

Jan 19 2025

zablockil added a comment to T7487: libksba/gpgsm: support for RSA-PSS signatures made with a maximum saltLength value.

I think I can understand you, too much complexity.

Jan 19 2025, 7:56 PM · gnupg, S/MIME, Feature Request

Jan 17 2025

werner added a comment to T7487: libksba/gpgsm: support for RSA-PSS signatures made with a maximum saltLength value.

See this comment which is related to T4538:

Jan 17 2025, 4:29 PM · gnupg, S/MIME, Feature Request
werner added a comment to T4538: Support PSS signed CRLs.
Jan 17 2025, 4:23 PM · dirmngr, S/MIME, libksba
werner added projects to T7487: libksba/gpgsm: support for RSA-PSS signatures made with a maximum saltLength value: S/MIME, gnupg.
Jan 17 2025, 4:17 PM · gnupg, S/MIME, Feature Request

Jan 7 2025

TobiasFella closed T6807: Kleo shows 3 certs in a chain while there are only two as Resolved.
Jan 7 2025, 3:08 PM · vsd33 (vsd-3.3.0), Restricted Project, S/MIME, Bug Report, kleopatra
TobiasFella moved T6807: Kleo shows 3 certs in a chain while there are only two from QA to vsd-3.3.0 on the vsd33 board.
Jan 7 2025, 3:08 PM · vsd33 (vsd-3.3.0), Restricted Project, S/MIME, Bug Report, kleopatra
TobiasFella added a comment to T6807: Kleo shows 3 certs in a chain while there are only two.

Also works in VSD-beta-478

Jan 7 2025, 3:08 PM · vsd33 (vsd-3.3.0), Restricted Project, S/MIME, Bug Report, kleopatra

Dec 19 2024

werner raised the priority of T3979: GPGSM: Authenticated encryption from Wishlist to Normal.
Dec 19 2024, 10:33 AM · gnupg26, S/MIME

Dec 16 2024

ebo moved T6807: Kleo shows 3 certs in a chain while there are only two from WiP to QA on the vsd33 board.
Dec 16 2024, 11:20 AM · vsd33 (vsd-3.3.0), Restricted Project, S/MIME, Bug Report, kleopatra

Dec 11 2024

aheinecke merged T3793: Speed up Keylistings in GPG(SM) into T6206: Kleopatra: Listing certificates initially just takes too long..
Dec 11 2024, 6:58 AM · S/MIME, gnupg, kleopatra

Oct 29 2024

werner edited projects for T6941: gpgsm/dirmngr: support for end-entity certificates with an empty "Subject DN", added: gnupg26; removed gnupg24.
Oct 29 2024, 1:23 PM · gnupg26, S/MIME, Feature Request
werner edited projects for T6678: GPGSM: Add support for cert extension 2.5.29.54 Inhibit anyPolicy, added: gnupg26; removed gnupg24.
Oct 29 2024, 1:21 PM · gnupg26, S/MIME, Restricted Project

Oct 4 2024

werner added a comment to T7308: Speed up the X.509 key listings.

Test on a dedicated Windows box (T 460, i5-6300U@2.40GHz, harddisk):

VSD Versiongpg versionLoad time
3.1.262.2.411:59
3.2.4 beta-22.2.45 beta 250:46
Oct 4 2024, 3:03 PM · S/MIME, Feature Request, gnupg
werner edited projects for T4537: gpgsm support for timestamp signatures, added: gnupg26; removed gnupg24.
Oct 4 2024, 12:14 PM · gnupg26, S/MIME, Feature Request
werner claimed T7319: gpgsm/dirmngr: Improve forward path-building via http AIA extension in x.509 certificates.
Oct 4 2024, 12:10 PM · S/MIME, gnupg26, Feature Request
werner added a comment to T7308: Speed up the X.509 key listings.

Overall effect of these changes tested on a small Windows VM is only 47 -> 26 seconds. Did also tests with --kbx-buffer-size but that does not make it better than the default, either.

Oct 4 2024, 12:05 PM · S/MIME, Feature Request, gnupg

Oct 1 2024

ebo moved T6807: Kleo shows 3 certs in a chain while there are only two from Restricted Project Column to Restricted Project Column on the Restricted Project board.

works, the Root-CA of the above example is only shown once any more. Gpg4win-Beta-50

Oct 1 2024, 4:38 PM · vsd33 (vsd-3.3.0), Restricted Project, S/MIME, Bug Report, kleopatra
ebo moved T6807: Kleo shows 3 certs in a chain while there are only two from Restricted Project Column to Restricted Project Column on the Restricted Project board.
Oct 1 2024, 3:56 PM · vsd33 (vsd-3.3.0), Restricted Project, S/MIME, Bug Report, kleopatra

Sep 30 2024

werner closed T7308: Speed up the X.509 key listings as Resolved.

Will be available in 2.2.45 and 2.5.2

Sep 30 2024, 7:08 PM · S/MIME, Feature Request, gnupg