Page MenuHome GnuPG

Feature RequestExperimental
ActivePublic

Members

  • This project does not have any members.
  • View All

Recent Activity

Today

werner triaged T7715: Dirmngr shall send a User-Agent header as Normal priority.
Tue, Jul 8, 9:50 AM · Feature Request, gnupg26

Yesterday

ikloecker updated the task description for T7700: Kleopatra: Move kleopatrarc away from %LOCALAPPDATA%.
Mon, Jul 7, 4:38 PM · Feature Request, kleopatra, vsd34

Thu, Jul 3

ikloecker updated the task description for T7700: Kleopatra: Move kleopatrarc away from %LOCALAPPDATA%.
Thu, Jul 3, 2:31 PM · Feature Request, kleopatra, vsd34
ikloecker claimed T7700: Kleopatra: Move kleopatrarc away from %LOCALAPPDATA%.
Thu, Jul 3, 10:36 AM · Feature Request, kleopatra, vsd34
collinfunk added a comment to T6598: Fix FD2INT for 64-bit Windows.

Can't you just use file descriptors everywhere and use _get_osfhandle. That is what I am used to seeing in Windows code in Gnulib (although I do not touch it much).

Thu, Jul 3, 4:23 AM · Windows 64, Feature Request, gnupg26

Wed, Jul 2

werner reopened T6598: Fix FD2INT for 64-bit Windows as "Open".

Regarding 64bit handles https://learn.microsoft.com/en-us/windows/win32/winprog64/interprocess-communication
tells us:

Wed, Jul 2, 4:41 PM · Windows 64, Feature Request, gnupg26
werner reopened T6598: Fix FD2INT for 64-bit Windows, a subtask of T6508: Port GnuPG to 64-bit Windows, as Open.
Wed, Jul 2, 4:41 PM · Windows 64, Feature Request, gnupg26
werner triaged T7713: Allow to skip the qualified signature confirmation prompt as Normal priority.
Wed, Jul 2, 11:41 AM · S/MIME, Feature Request, gnupg26
werner triaged T7710: Kleopatra: Paperkey can't handle curve448/kyber keys as Normal priority.

This seems to be a good opportunity to replace paperkey with a new tool to take advantage of the smaller ECC keys which allow us to re-generate most stuff.

Wed, Jul 2, 9:14 AM · Feature Request, gnupg26, kleopatra

Mon, Jun 30

timegrid moved T6694: Random numbers from gpgme from Backlog to Done on the gpd5x board.

Ingo tested this and it worked.

Mon, Jun 30, 11:02 AM · gpd5x, gpgpass, gpgme, Feature Request

Thu, Jun 26

ebo added a project to T7328: Add Kleopatra configs to gpgconf -X: gpd5x.
Thu, Jun 26, 5:31 PM · gpd5x, Windows, gnupg, Feature Request

Wed, Jun 25

werner triaged T7700: Kleopatra: Move kleopatrarc away from %LOCALAPPDATA% as High priority.

But we have the same problems on Unix as described by T7699. (funny, the other bug mentioned above has 76 reversed)

Wed, Jun 25, 6:21 PM · Feature Request, kleopatra, vsd34

Mon, Jun 23

ebo raised the priority of T7581: Kleopatra: Create team key from Normal to High.
Mon, Jun 23, 3:48 PM · Feature Request, gpd5x, kleopatra

Wed, Jun 18

ebo closed T7657: Kleopatra: Refresh OpenPGP Certificates doesn't respect WKD setting as Invalid.

We decided in T7579: Kleopatra: improve menu items to remove this action. Users will instead have to mark certificates they want to update and use the Update Certificates action in the "Certificates" menu.

Wed, Jun 18, 4:56 PM · Feature Request, kleopatra
werner closed T6551: translate_sys2libc_fd_int on Windows 64-bit, a subtask of T6508: Port GnuPG to 64-bit Windows, as Resolved.
Wed, Jun 18, 9:45 AM · Windows 64, Feature Request, gnupg26
werner closed T6551: translate_sys2libc_fd_int on Windows 64-bit as Resolved.
Wed, Jun 18, 9:45 AM · Windows 64, Feature Request, gnupg26
werner closed T6508: Port GnuPG to 64-bit Windows as Resolved.

After several gpg4win-5 betas be can set this task to resolved.

Wed, Jun 18, 9:44 AM · Windows 64, Feature Request, gnupg26
werner closed T6580: Use gnupg_fd_t if it's relevant, a subtask of T6508: Port GnuPG to 64-bit Windows, as Resolved.
Wed, Jun 18, 9:43 AM · Windows 64, Feature Request, gnupg26
werner closed T6580: Use gnupg_fd_t if it's relevant as Resolved.

I claim this resolved given several gpg4win-5 betas.

Wed, Jun 18, 9:43 AM · Windows 64, Feature Request, gnupg26
werner closed T6598: Fix FD2INT for 64-bit Windows, a subtask of T6508: Port GnuPG to 64-bit Windows, as Resolved.
Wed, Jun 18, 9:42 AM · Windows 64, Feature Request, gnupg26
werner closed T6598: Fix FD2INT for 64-bit Windows as Resolved.

I claim this resolved given that we had several gpg4win-5 betas and no reported problems was related to this.

Wed, Jun 18, 9:42 AM · Windows 64, Feature Request, gnupg26
werner lowered the priority of T6234: Implement access to smartcards via a generic pkcs#11 interface from Normal to Wishlist.

The actual project we had in mind for this was more or less canceled and thus I re-prioritize this task.

Wed, Jun 18, 9:38 AM · gnupg, Feature Request, scd
werner closed T7014: agent: Enhancement of PKDECRYPT for KEM interface as Resolved.

This was release with 2.5.7.

Wed, Jun 18, 9:29 AM · gnupg26, gpgagent, Feature Request

Tue, Jun 17

ebo renamed T7581: Kleopatra: Create team key from Draft: Kleopatra: Create Group key to Kleopatra: Create team key.
Tue, Jun 17, 5:30 PM · Feature Request, gpd5x, kleopatra
gniibe closed T5964: gnupg should use the KDFs implemented in libgcrypt as Resolved.
Tue, Jun 17, 2:38 AM · gnupg26, FIPS, Feature Request

Jun 2 2025

werner added a comment to T7381: gpg-mail-tube,gpg-wks-server: Allow the use of templates instead of static texts..

We do this now also for gpg-wks-server. Further gpg-wks-client now sends the current language to the server so that the server can get back to the user with a proper translated text (if configured).

Jun 2 2025, 12:38 PM · Feature Request, gnupg26
werner renamed T7381: gpg-mail-tube,gpg-wks-server: Allow the use of templates instead of static texts. from gpg-mail-tube: Allow the use of templates instead of static texts. to gpg-mail-tube,gpg-wks-server: Allow the use of templates instead of static texts..
Jun 2 2025, 12:37 PM · Feature Request, gnupg26

May 30 2025

werner changed the status of T7381: gpg-mail-tube,gpg-wks-server: Allow the use of templates instead of static texts., a subtask of T7292: gpg-mail-tube: Add more features, from Open to Testing.
May 30 2025, 2:57 PM · Feature Request, gnupg26
werner changed the status of T7381: gpg-mail-tube,gpg-wks-server: Allow the use of templates instead of static texts. from Open to Testing.

Alright. We use utf-8 in our template files and switch to QP encoding when needed.

May 30 2025, 2:57 PM · Feature Request, gnupg26

May 28 2025

aheinecke added a comment to T7657: Kleopatra: Refresh OpenPGP Certificates doesn't respect WKD setting.

Just as a reminder, knowledge transfer, because this is easily overlooked in testing but at least one customer would have gotten very annoyed if we had ever deployed an "Update all certificates" function which "added" new certificates. Even with the update of a single cert, we had a "funny" issue, like if you had expired certificates from anywhere and not from WKD (which old keyrings have a lot, maybe with many uids). Suddenly an update would pull in new keys which come from WKD but maybe there they all only have one UID. Because for keyservers the identifier was the fingerprint and for WKD the identifier was the userid.
Or even worse, you explicitly threw out the OpenPGP keys from WKD because you wanted to use only S/MIME, then such a function may not search on any OpenPGP Sources.
When I worked at Kleopatra we didn't want such a feature in GnuPG. Our strategy was to update keys when they are used, about to be used or close to expiry. The whole locate-external-key thing.
I think the feature we had to update in the certificate details is good. But i recommend especially keeping the S/MIME / OpenPGP difference in mind. I would also call it "Search updated certificates" with a tooltip that it might also find "new" certificates for the user. And then an option to disable this either for S/MIME or for OpenPGP.

May 28 2025, 9:45 PM · Feature Request, kleopatra
werner moved T7663: Certificated signed using SHA-1 isn't trusted, but needs --force-sign-key to re-sign. from Backlog to QA on the gnupg26 board.
May 28 2025, 10:47 AM · gnupg24, gnupg26, Feature Request

May 27 2025

ikloecker edited projects for T7657: Kleopatra: Refresh OpenPGP Certificates doesn't respect WKD setting, added: Feature Request; removed Bug Report.

Tools / Refresh OpenPGP certificates runs gpg --refresh-keys. I don't think that this command knows anything about WKD.

May 27 2025, 5:20 PM · Feature Request, kleopatra

May 26 2025

werner edited projects for T7663: Certificated signed using SHA-1 isn't trusted, but needs --force-sign-key to re-sign., added: Feature Request, gnupg26, gnupg24; removed Bug Report.
May 26 2025, 6:08 PM · gnupg24, gnupg26, Feature Request
gniibe added a parent task for T5964: gnupg should use the KDFs implemented in libgcrypt: T7649: gnupg: Use KEM interface for encryption/decryption.
May 26 2025, 6:34 AM · gnupg26, FIPS, Feature Request
gniibe added a parent task for T7014: agent: Enhancement of PKDECRYPT for KEM interface: T7649: gnupg: Use KEM interface for encryption/decryption.
May 26 2025, 6:33 AM · gnupg26, gpgagent, Feature Request
gniibe changed the status of T5964: gnupg should use the KDFs implemented in libgcrypt from Open to Testing.

Done by T7649: gnupg: Use KEM interface for encryption/decryption

May 26 2025, 6:32 AM · gnupg26, FIPS, Feature Request

May 22 2025

ebo added a project to T5006: Kleopatra: Display Names and Key-IDs for certificates after any attempt to import them.: gpd5x.
May 22 2025, 3:35 PM · gpd5x, kleopatra, Feature Request
ebo added a comment to T5006: Kleopatra: Display Names and Key-IDs for certificates after any attempt to import them..

Please solve this the same as our solution in T7630: add a button in the results window to open a new window with all the imported certificates.

May 22 2025, 3:35 PM · gpd5x, kleopatra, Feature Request
ebo renamed T7582: Kleopatra: Make default backup location for secret keys configurable from Draft: Kleopatra: make storage location configurable to Kleopatra: Make default backup location for secret keys configurable.
May 22 2025, 3:05 PM · Feature Request, gpd5x, kleopatra
alexk changed the status of T7269: Attachments vanish from forward encrypted message from Open to Testing.

Fixed in most cases.
Edge cases will be examined further.

May 22 2025, 1:37 PM · Restricted Project, Feature Request, gpgol

May 16 2025

dkg added a comment to T5993: gpg should reject compressed packets outside of messages.

For example Poppler uses GnuPG comment packets to lower its own attack surface by leaving all OpenPGP handling to gpg. The patch (or at least the version we noticed in Fedora and Debian) entirely breaks this use.

May 16 2025, 4:12 PM · Feature Request, gnupg
werner closed T5993: gpg should reject compressed packets outside of messages as Resolved.
May 16 2025, 2:46 PM · Feature Request, gnupg
werner added a comment to T5993: gpg should reject compressed packets outside of messages.

(The commits had a wrong bug it in their message)

May 16 2025, 2:44 PM · Feature Request, gnupg
werner added a comment to T5993: gpg should reject compressed packets outside of messages.

It might be useful to have samples of compressed keys:

May 16 2025, 2:20 PM · Feature Request, gnupg
werner updated subscribers of T5993: gpg should reject compressed packets outside of messages.

No, we can't do much about this. It has always been easy to create compression bombs and the more relevant thing here is compressed signed or encrypted data. Or just compressed mails. The patch by @DemiMarie is way to complicated for what it wants to achieve and actually breaks existing use cases. For example Poppler uses GnuPG comment packets to lower its own attack surface by leaving all OpenPGP handling to gpg. The patch (or at least the version we noticed in Fedora and Debian) entirely breaks this use.

May 16 2025, 12:04 PM · Feature Request, gnupg

May 15 2025

hej added a comment to T7581: Kleopatra: Create team key.

"Geheimen Team-Schlüssel zum internen Teilen abspeichern." is grammatically correct, but it sound very formal and clunky for a UI tooltip. It lacks clarity, therefore I suggest:

May 15 2025, 9:31 AM · Feature Request, gpd5x, kleopatra

May 14 2025

TobiasFella changed the status of T7580: Kleopatra: Add a dialog window to the disable/enable certificate action, a subtask of T7216: Kleopatra: Integrate "disabled" feature from gpg, from Open to Testing.
May 14 2025, 11:59 AM · Feature Request, kleopatra
ebo renamed T7616: Kleopatra: add test to check connectivity from Draft: Kleopatra: add test to check connectivity to Kleopatra: add test to check connectivity.
May 14 2025, 11:58 AM · gpd5x, Feature Request, kleopatra
ebo updated the task description for T7616: Kleopatra: add test to check connectivity.
May 14 2025, 11:53 AM · gpd5x, Feature Request, kleopatra
ebo updated the task description for T7616: Kleopatra: add test to check connectivity.
May 14 2025, 11:34 AM · gpd5x, Feature Request, kleopatra