Projects S/MIME

S/MIMEProject
ActivePublic
Watch Project

Members

This project does not have any members.
View All

Watchers

This project does not have any watchers.
View All

Recent Activity
View All

Thu, Apr 30

• ebo lowered the priority of T8019: gpg does not print warning about untrusted key when verifying signatures made by expired (and untrusted) keys from High to Normal.

Thu, Apr 30, 10:44 AM · Feature Request, S/MIME, OpenPGP, gnupg26

Wed, Apr 29

• werner added a comment to T8019: gpg does not print warning about untrusted key when verifying signatures made by expired (and untrusted) keys.

That is actually more complicated than I initially though. The reason is that expired is used like a trust level:

Wed, Apr 29, 4:36 PM · Feature Request, S/MIME, OpenPGP, gnupg26

• gniibe moved T8048: Keyboxd: S/MIME certificate is imported on ldap search from Backlog to WIP on the gpd5x board.

Wed, Apr 29, 3:43 AM · keyboxd, Bug Report, gnupg26, S/MIME, LDAP, gpd5x

• gniibe moved T8048: Keyboxd: S/MIME certificate is imported on ldap search from Backlog to WIP on the gnupg26 board.

Wed, Apr 29, 3:39 AM · keyboxd, Bug Report, gnupg26, S/MIME, LDAP, gpd5x

Mon, Apr 27

• gniibe changed the status of T8236: gpgsm: keybox problem of KEYBOX_FLAG_CREATED_AT from Open to Testing.

Applied to master.

Mon, Apr 27, 6:48 AM · gnupg, S/MIME

• gniibe changed the status of T8048: Keyboxd: S/MIME certificate is imported on ldap search from Open to Testing.

Applied to master.

Mon, Apr 27, 6:48 AM · keyboxd, Bug Report, gnupg26, S/MIME, LDAP, gpd5x

Fri, Apr 24

• gniibe added a comment to T8048: Keyboxd: S/MIME certificate is imported on ldap search.

I created a branch https://dev.gnupg.org/source/gnupg/history/gniibe%252Ft8048 and pushed all changes (including keyboxd-patch-2026-04-23).

Fri, Apr 24, 7:06 AM · keyboxd, Bug Report, gnupg26, S/MIME, LDAP, gpd5x

Thu, Apr 23

• gniibe added a comment to T8048: Keyboxd: S/MIME certificate is imported on ldap search.

Enhance keyboxd to have new command for what keybox_set_flags does.

Thu, Apr 23, 7:01 AM · keyboxd, Bug Report, gnupg26, S/MIME, LDAP, gpd5x

• gniibe triaged T8236: gpgsm: keybox problem of KEYBOX_FLAG_CREATED_AT as Low priority.

Thu, Apr 23, 4:09 AM · gnupg, S/MIME

Fri, Apr 17

• werner triaged T8207: gpgsm 2.5.x fails to decrypt S/MIME messages using RSAES-OAEP (SHA-256) as Wishlist priority.

gpgsm does not support OAEP. Actually it does not make much sense to use this padding scheme at all. It has not advantage over PKCS#1. Thus I change this to a feature request to allow decryption using OAEP

Fri, Apr 17, 1:38 PM · gnupg, Feature Request, S/MIME

Thu, Apr 16

timegrid moved T8187: Kleopatra: File encryption with invalid S/MIME certificate hangs indefinitely from QA to vsd-3.3.7 on the vsd33 board.

Thu, Apr 16, 12:54 PM · vsd33 (vsd-3.3.7), gpgme, Bug Report, gpd5x, vsd34, S/MIME, kleopatra

timegrid added a comment to T8187: Kleopatra: File encryption with invalid S/MIME certificate hangs indefinitely.

Looks good to me on vsd-3.3.7-beta90.9 @ win10:

Thu, Apr 16, 12:53 PM · vsd33 (vsd-3.3.7), gpgme, Bug Report, gpd5x, vsd34, S/MIME, kleopatra

• ebo edited projects for T8222: Show RSA-PSS certificates as de-vs compliant in X.509 key listings, added: gnupg22 (gnupg-2.2.54); removed gnupg22.

Thu, Apr 16, 12:39 PM · gnupg22 (gnupg-2.2.54), Bug Report, S/MIME, gnupg26

timegrid added a comment to T8222: Show RSA-PSS certificates as de-vs compliant in X.509 key listings.

Looks good to me on vsd-3.3.7-beta90.9 @ win10.

Thu, Apr 16, 11:56 AM · gnupg22 (gnupg-2.2.54), Bug Report, S/MIME, gnupg26

• ebo moved T8187: Kleopatra: File encryption with invalid S/MIME certificate hangs indefinitely from WiP to QA on the vsd33 board.

Thu, Apr 16, 11:22 AM · vsd33 (vsd-3.3.7), gpgme, Bug Report, gpd5x, vsd34, S/MIME, kleopatra

Wed, Apr 15

• werner changed the status of T8222: Show RSA-PSS certificates as de-vs compliant in X.509 key listings from Open to Testing.

Wed, Apr 15, 2:44 PM · gnupg22 (gnupg-2.2.54), Bug Report, S/MIME, gnupg26

Tue, Apr 14

• werner moved T8222: Show RSA-PSS certificates as de-vs compliant in X.509 key listings from Backlog to WIP on the gnupg26 board.

Tue, Apr 14, 5:20 PM · gnupg22 (gnupg-2.2.54), Bug Report, S/MIME, gnupg26

• werner triaged T8222: Show RSA-PSS certificates as de-vs compliant in X.509 key listings as Normal priority.

Tue, Apr 14, 5:18 PM · gnupg22 (gnupg-2.2.54), Bug Report, S/MIME, gnupg26

Fri, Apr 3

CQPC-76100 updated the task description for T8207: gpgsm 2.5.x fails to decrypt S/MIME messages using RSAES-OAEP (SHA-256).

Fri, Apr 3, 5:15 AM · gnupg, Feature Request, S/MIME

CQPC-76100 renamed T8207: gpgsm 2.5.x fails to decrypt S/MIME messages using RSAES-OAEP (SHA-256) from gpgsm 2.5.x fails to decrypt S/MIME messages using RSAES-OAEP (SHA-256) (macOS 15 (Darwin 25.4.0, arm64) to gpgsm 2.5.x fails to decrypt S/MIME messages using RSAES-OAEP (SHA-256).

Fri, Apr 3, 5:02 AM · gnupg, Feature Request, S/MIME

CQPC-76100 edited projects for T8207: gpgsm 2.5.x fails to decrypt S/MIME messages using RSAES-OAEP (SHA-256), added: S/MIME; removed gpgme.

Fri, Apr 3, 5:01 AM · gnupg, Feature Request, S/MIME

Mar 30 2026

• ikloecker added a parent task for T6559: GPGSM: "always trust like override" or "force" option: T6701: GpgOL: Use GPGME_ENCRYPT_ALWAYS_TRUST.

Mar 30 2026, 11:31 AM · gnupg24 (gnupg-2.4.4), gpgme (gpgme 1.23.x), gnupg22 (gnupg-2.2.42), Feature Request, gpgol, S/MIME, kleopatra, Restricted Project

Mar 27 2026

• werner triaged T8048: Keyboxd: S/MIME certificate is imported on ldap search as Normal priority.

Mar 27 2026, 10:33 AM · keyboxd, Bug Report, gnupg26, S/MIME, LDAP, gpd5x

Mar 26 2026

• gniibe claimed T8048: Keyboxd: S/MIME certificate is imported on ldap search.

I applied the keyboxd part for SETEPHEMERAL command, as it doesn't break anything.

Mar 26 2026, 3:56 AM · keyboxd, Bug Report, gnupg26, S/MIME, LDAP, gpd5x

Mar 25 2026

• gniibe added a comment to T8048: Keyboxd: S/MIME certificate is imported on ldap search.

Here is an attempt to fix the client side:

kbxd-ephemeral-client.patch4 KBDownload

Mar 25 2026, 5:26 AM · keyboxd, Bug Report, gnupg26, S/MIME, LDAP, gpd5x

Mar 24 2026

• ikloecker changed the status of T8187: Kleopatra: File encryption with invalid S/MIME certificate hangs indefinitely from Open to Testing.

Mar 24 2026, 4:47 PM · vsd33 (vsd-3.3.7), gpgme, Bug Report, gpd5x, vsd34, S/MIME, kleopatra

• ikloecker moved T8187: Kleopatra: File encryption with invalid S/MIME certificate hangs indefinitely from Backlog to WiP on the vsd33 board.

Mar 24 2026, 4:37 PM · vsd33 (vsd-3.3.7), gpgme, Bug Report, gpd5x, vsd34, S/MIME, kleopatra

• ikloecker added a project to T8187: Kleopatra: File encryption with invalid S/MIME certificate hangs indefinitely: vsd33.

I have added the fix as patch for VSD 3.3 because the commits that introduced this regression were also added as patches for VSD 3.3.

Mar 24 2026, 4:36 PM · vsd33 (vsd-3.3.7), gpgme, Bug Report, gpd5x, vsd34, S/MIME, kleopatra

• ikloecker added a comment to T8187: Kleopatra: File encryption with invalid S/MIME certificate hangs indefinitely.

This is a regression that was introduced with T7759: Kleopatra: Notepad encryption with S/MIME fails.

Mar 24 2026, 4:25 PM · vsd33 (vsd-3.3.7), gpgme, Bug Report, gpd5x, vsd34, S/MIME, kleopatra

• ikloecker moved T8187: Kleopatra: File encryption with invalid S/MIME certificate hangs indefinitely from Backlog to QA for next release on the gpgme board.

Mar 24 2026, 4:07 PM · vsd33 (vsd-3.3.7), gpgme, Bug Report, gpd5x, vsd34, S/MIME, kleopatra

• ikloecker moved T8187: Kleopatra: File encryption with invalid S/MIME certificate hangs indefinitely from Backlog to WIP on the vsd34 board.

Fixed. For VSD 3.4 this will also be fixed if gpgme is updated.

Mar 24 2026, 4:07 PM · vsd33 (vsd-3.3.7), gpgme, Bug Report, gpd5x, vsd34, S/MIME, kleopatra

• ikloecker added a project to T8187: Kleopatra: File encryption with invalid S/MIME certificate hangs indefinitely: gpgme.

This is a bug in gpgme. gpgsm_assuan_simple_command only reads a single line before waiting for more data although there is a second line (ERR ...) ready to be read. gpgsm never sends more data because it has already sent its full answer. So gpgme waits forever.

Mar 24 2026, 3:44 PM · vsd33 (vsd-3.3.7), gpgme, Bug Report, gpd5x, vsd34, S/MIME, kleopatra

• ikloecker claimed T8187: Kleopatra: File encryption with invalid S/MIME certificate hangs indefinitely.

Mar 24 2026, 2:28 PM · vsd33 (vsd-3.3.7), gpgme, Bug Report, gpd5x, vsd34, S/MIME, kleopatra

timegrid triaged T8187: Kleopatra: File encryption with invalid S/MIME certificate hangs indefinitely as Normal priority.

Mar 24 2026, 11:38 AM · vsd33 (vsd-3.3.7), gpgme, Bug Report, gpd5x, vsd34, S/MIME, kleopatra

• werner renamed T8186: gpgsm: Add an attribute with version information to signatures from gpgsm: Add an atrtibute with version information to signatures to gpgsm: Add an attribute with version information to signatures.

Mar 24 2026, 11:03 AM · Feature Request, S/MIME, gnupg26

• werner triaged T8186: gpgsm: Add an attribute with version information to signatures as Normal priority.

Mar 24 2026, 11:02 AM · Feature Request, S/MIME, gnupg26

• ebo removed a parent task for T6559: GPGSM: "always trust like override" or "force" option: T6701: GpgOL: Use GPGME_ENCRYPT_ALWAYS_TRUST.

Mar 24 2026, 10:08 AM · gnupg24 (gnupg-2.4.4), gpgme (gpgme 1.23.x), gnupg22 (gnupg-2.2.42), Feature Request, gpgol, S/MIME, kleopatra, Restricted Project

Mar 9 2026

• alexk removed a project from T7841: GpgOL: Concurrent access to S/MIME encrypted mail creates versions: vsd34.

Mar 9 2026, 3:30 PM · S/MIME, vsd, gpgol

Mar 4 2026

• gniibe added a comment to T8048: Keyboxd: S/MIME certificate is imported on ldap search.

I looked at sm/keydb.c:keydb_set_ephemeral function. It says:

Mar 4 2026, 7:38 AM · keyboxd, Bug Report, gnupg26, S/MIME, LDAP, gpd5x

Mar 3 2026

timegrid moved T8077: Kleopatra: Bold appearance for qualified signatures might be confusing for public and non-signing keys from Done to gpd-5.0.2 on the gpd5x board.

Mar 3 2026, 1:06 PM · gpd5x (gpd-5.0.2), S/MIME, vsd34, kleopatra

timegrid moved T8077: Kleopatra: Bold appearance for qualified signatures might be confusing for public and non-signing keys from QA to Done on the gpd5x board.

Looks good to me on gpg4win-5.0.2-beta2 @ win11:

Mar 3 2026, 1:05 PM · gpd5x (gpd-5.0.2), S/MIME, vsd34, kleopatra

• gniibe added a comment to T8032: libksba: Input validation for DER encoded INTEGER.

It seemed that the reporter (also) claimed that a git repo could be weak/vulnerable when X.509 signature (with a relevant curve key) is used to validate the commit.

Mar 3 2026, 1:51 AM · S/MIME, libksba, Bug Report

• gniibe added a comment to T8032: libksba: Input validation for DER encoded INTEGER.

For the record (to show we don't hide a problem), I add some information.

Mar 3 2026, 1:25 AM · S/MIME, libksba, Bug Report

Mar 2 2026

• ebo moved T8077: Kleopatra: Bold appearance for qualified signatures might be confusing for public and non-signing keys from WIP to QA on the gpd5x board.

Mar 2 2026, 4:54 PM · gpd5x (gpd-5.0.2), S/MIME, vsd34, kleopatra

Feb 24 2026

• ikloecker moved T8077: Kleopatra: Bold appearance for qualified signatures might be confusing for public and non-signing keys from Backlog to WIP on the vsd34 board.

Backported for VSD 3.4

Feb 24 2026, 3:15 PM · gpd5x (gpd-5.0.2), S/MIME, vsd34, kleopatra

• ikloecker changed the status of T8077: Kleopatra: Bold appearance for qualified signatures might be confusing for public and non-signing keys from Open to Testing.

Done.

Feb 24 2026, 3:14 PM · gpd5x (gpd-5.0.2), S/MIME, vsd34, kleopatra

• ebo updated the task description for T8077: Kleopatra: Bold appearance for qualified signatures might be confusing for public and non-signing keys.

Feb 24 2026, 12:47 PM · gpd5x (gpd-5.0.2), S/MIME, vsd34, kleopatra

• ebo added a comment to T8077: Kleopatra: Bold appearance for qualified signatures might be confusing for public and non-signing keys.

ok, lets do this. I'll update the description

Feb 24 2026, 12:45 PM · gpd5x (gpd-5.0.2), S/MIME, vsd34, kleopatra

timegrid added a comment to T8077: Kleopatra: Bold appearance for qualified signatures might be confusing for public and non-signing keys.

I'm fine with just dropping it.

Feb 24 2026, 12:25 PM · gpd5x (gpd-5.0.2), S/MIME, vsd34, kleopatra

Feb 23 2026

• ebo added a comment to T8077: Kleopatra: Bold appearance for qualified signatures might be confusing for public and non-signing keys.

Do we agree to drop bolt font for QES certificates?
Will we change this for VSD 3.4?

Feb 23 2026, 1:50 PM · gpd5x (gpd-5.0.2), S/MIME, vsd34, kleopatra