Feature RequestExperimental
ActivePublic

Members

  • This project does not have any members.

Watchers (1)

Recent Activity

Yesterday

werner reopened T4004: Curve25519 for Zeitcontrol card as "Open".
Thu, Nov 26, 5:08 PM · Feature Request, scd
werner added a comment to T4004: Curve25519 for Zeitcontrol card.

You are right, the new 3.4 cards support brainpool curves in addition to the nist curves.

Thu, Nov 26, 5:08 PM · Feature Request, scd
nitroalex added a comment to T4004: Curve25519 for Zeitcontrol card.

If you mean OpenPGP Card v3 standard, no it did not support cv25519 ed25519, but some other curves up until v3.4. So if there is a specific specification bringing this feature, can you might refer to the specific version? Otherwise, I think this task is still valid.
I remember the problem being the card manufacturers that are not interesting in cv25519 (yet).

Thu, Nov 26, 10:06 AM · Feature Request, scd
gniibe added a subtask for T3517: dirmngr: retry without SRV due to buggy routers: T3168: dirmngr: gpg: keyserver receive failed: No keyserver available.
Thu, Nov 26, 7:51 AM · Feature Request, dns, dirmngr
gniibe merged T3722: gpg "No name" error into T3517: dirmngr: retry without SRV due to buggy routers.
Thu, Nov 26, 7:31 AM · Feature Request, dns, dirmngr
gniibe merged T3574: gpg-agent doesn't pick up ssh certificates into T1756: gpg-agent doesn't accept ssh certificates.
Thu, Nov 26, 7:20 AM · gnupg, Feature Request
gniibe closed T4004: Curve25519 for Zeitcontrol card as Resolved.

Support was added in version 3 card.

Thu, Nov 26, 7:17 AM · Feature Request, scd

Mon, Nov 23

ikloecker added a comment to T5138: Change Reset Code not working in Kleopatra.

As for renaming "Change Reset Code" to "Set Reset Code", what about "Change PIN" and "Change Admin PIN"? Should they also be renamed? If not, why not? Is there no default reset code? Is there a way to find out whether the reset code has already been set (in which case "change" would be more appropriate than "set")?

Mon, Nov 23, 11:00 AM · Feature Request, Bug Report, kleopatra
ikloecker added a comment to T5138: Change Reset Code not working in Kleopatra.

You write

This does not work.

Can you be more specific? What doesn't work? Which OS, which version of Kleopatra, what smartcard are you using?

Mon, Nov 23, 10:52 AM · Feature Request, Bug Report, kleopatra
werner added a comment to T5137: gpg-agent 2.x poor performance / futex errors.

I though about this too but we need to take care about the logging functions of Libgcrypt which are intertwined with nPth (clamp function of libgpg-error).

Mon, Nov 23, 9:01 AM · Feature Request, gpgagent

Thu, Nov 19

Hafiz added a comment to T5136: Mega888.

{F1982353}

Thu, Nov 19, 9:36 PM · gpgagent, Feature Request
gniibe added a comment to T5137: gpg-agent 2.x poor performance / futex errors.

Thanks. I understand the situation. Basically, gpg-agent's computation is done by a single thread (in current implementation), although it accepts many requests simultaneously.

Thu, Nov 19, 3:21 AM · Feature Request, gpgagent

Wed, Nov 18

andrey.arapov added a comment to T5137: gpg-agent 2.x poor performance / futex errors.

Note that you actually run 30 independent processes with gpg 1.4 but with gpg-agent there is just one process to handle the private key operations (decrypt). To utilize more cores you need to setup several GNUPGHOME with the same private keys.

Wed, Nov 18, 2:33 PM · Feature Request, gpgagent
andrey.arapov added a comment to T5137: gpg-agent 2.x poor performance / futex errors.

I think that it is not gpg-agent but pinentry which causes millions of futex syscall errors.
For interactive use case, pinentry may be the point of contention.
I might be wrong if your key is not protected by passphrase.

If possible, please try adding arguments for gpg invocation: --pinentry-mode loopback --passphrase-file YOUR_FILE_FOR_PASSPHRASE
This can avoid the invocation of pinentry entirely.

Wed, Nov 18, 2:32 PM · Feature Request, gpgagent

Tue, Nov 17

werner created T5139: Kleopatra keypair creation wizard improvement.
Tue, Nov 17, 8:56 AM · Feature Request, kleopatra
werner created T5138: Change Reset Code not working in Kleopatra.
Tue, Nov 17, 8:47 AM · Feature Request, Bug Report, kleopatra
werner triaged T5137: gpg-agent 2.x poor performance / futex errors as Normal priority.

I change this to a feature request: Allow several processes to run public key decryption using the same set of private keys.

Tue, Nov 17, 8:35 AM · Feature Request, gpgagent

Mon, Nov 16

werner closed T5136: Mega888 as Spite.
Mon, Nov 16, 4:10 PM · gpgagent, Feature Request
Hafiz created T5136: Mega888.
Mon, Nov 16, 12:39 PM · gpgagent, Feature Request
werner triaged T5135: Provide more practical thread-safe strerror, perhaps with strerror_l as Normal priority.
Mon, Nov 16, 9:08 AM · gpgrt, Feature Request
gniibe closed T4641: Libassuan: enable the environment to set compiler and linker flags for helper tools as Resolved.
Mon, Nov 16, 7:28 AM · Testing, libassuan, Feature Request

Sun, Nov 15

werner added a comment to T5135: Provide more practical thread-safe strerror, perhaps with strerror_l.

I know these troubles.

Sun, Nov 15, 1:19 PM · gpgrt, Feature Request

Sat, Nov 14

pert created T5135: Provide more practical thread-safe strerror, perhaps with strerror_l.
Sat, Nov 14, 4:23 PM · gpgrt, Feature Request

Tue, Nov 10

ikloecker changed the status of T5094: Kleopatra: Add "revsig" support, a subtask of T5093: GnuPG: Add quick-revsig, from Open to Testing.
Tue, Nov 10, 5:01 PM · Feature Request, gnupg (gpg22)
jharvell added a comment to T3950: gnupg-2.2.6 fails to find correct library config programs when cross-compiling for ARM.

Thanks for addressing this in master.

Tue, Nov 10, 4:14 PM · Feature Request
gniibe closed T3950: gnupg-2.2.6 fails to find correct library config programs when cross-compiling for ARM as Wontfix.

The feature (better cross compiling) was done in master.
We close this bug report as "Won't fix" since it will never been applied to 2.2.

Tue, Nov 10, 6:48 AM · Feature Request
gniibe added a comment to T3950: gnupg-2.2.6 fails to find correct library config programs when cross-compiling for ARM.

In newer releases of libgpg-error, libksba, libassuan, libgcrypt, npth and ntbtls, we updated corresponding *.m4, so that we can use new gpgrt-config program only. And gpgrt-config command supports cross compiling and multiarch libraries.

Tue, Nov 10, 6:45 AM · Feature Request

Wed, Nov 4

werner closed T5093: GnuPG: Add quick-revsig as Resolved.
Wed, Nov 4, 8:40 AM · Feature Request, gnupg (gpg22)

Tue, Nov 3

werner lowered the priority of T4972: GPG: Add Option to force passphrase constraints for symmetric encryption, too from High to Normal.

FWIW, --enforce-passphrase-constraints does already work for symmetric-only encryption since 2.2.21 (rGae8b88c635424ef3). Thus this bug is actually a feature request to have a separate set of passphrase constraints option for symmetric-only mode.

Tue, Nov 3, 4:00 PM · gnupg (gpg22), Feature Request
werner raised the priority of T4972: GPG: Add Option to force passphrase constraints for symmetric encryption, too from Wishlist to High.
Tue, Nov 3, 10:58 AM · gnupg (gpg22), Feature Request

Mon, Nov 2

ikloecker added a commit to T5093: GnuPG: Add quick-revsig: rG8a941428086b: gpg: Fix iteration over signatures.
Mon, Nov 2, 9:14 AM · Feature Request, gnupg (gpg22)
ikloecker added a commit to T5093: GnuPG: Add quick-revsig: rGb004701adca8: gpg: Fix iteration over signatures.
Mon, Nov 2, 9:14 AM · Feature Request, gnupg (gpg22)

Thu, Oct 29

werner added a parent task for T4584: --quick-sign-key offers no way to override a current certification: T5093: GnuPG: Add quick-revsig.
Thu, Oct 29, 4:40 PM · gnupg (gpg22), Feature Request
werner added a subtask for T5093: GnuPG: Add quick-revsig: T4584: --quick-sign-key offers no way to override a current certification.
Thu, Oct 29, 4:40 PM · Feature Request, gnupg (gpg22)
werner edited projects for T4584: --quick-sign-key offers no way to override a current certification, added: gnupg (gpg22); removed gnupg.

Indeed we need to fix/enhance this to make testing of --quick-revoke-sig easier. See over at T5093

Thu, Oct 29, 4:39 PM · gnupg (gpg22), Feature Request
werner changed the status of T5093: GnuPG: Add quick-revsig from Testing to Open.

I recall that I had the same bug during development. Must have slipped in again - Good catch.

Thu, Oct 29, 4:36 PM · Feature Request, gnupg (gpg22)
ikloecker added a comment to T5093: GnuPG: Add quick-revsig.

I have added support for this to gpgme (and gpgme++/qgpgme). See T5094.

Thu, Oct 29, 1:00 PM · Feature Request, gnupg (gpg22)
ikloecker added a comment to T5093: GnuPG: Add quick-revsig.

By the way, --quick-sign-key after --quick-revoke-sig refuses to recertify the key. -> T4584

Thu, Oct 29, 12:58 PM · Feature Request, gnupg (gpg22)
ikloecker added a comment to T4584: --quick-sign-key offers no way to override a current certification.

There is another problem: Even if the first certification was revoked, trying to add a new certification with --quick-sign-key fails because '"user id" was already signed by key ...'

Thu, Oct 29, 12:31 PM · gnupg (gpg22), Feature Request
ikloecker added a comment to T5093: GnuPG: Add quick-revsig.

I found a bug. To reproduce generate a new key, then sign it with another key and then try to quick-revoke the signatures. This fails with "Not signed by you."

Thu, Oct 29, 12:14 PM · Feature Request, gnupg (gpg22)
werner added a comment to T5093: GnuPG: Add quick-revsig.

On purpose. We actually allow user ids and gpg should somehow reflect this. As requested by you I changed it in the man page to what is suggested.

Thu, Oct 29, 11:39 AM · Feature Request, gnupg (gpg22)
ikloecker added a comment to T5093: GnuPG: Add quick-revsig.

I've noticed an inconsistency between the command arguments in the man page and in the usage/error message.

Thu, Oct 29, 10:06 AM · Feature Request, gnupg (gpg22)

Wed, Oct 28

werner changed the status of T5093: GnuPG: Add quick-revsig from Open to Testing.
Wed, Oct 28, 6:26 PM · Feature Request, gnupg (gpg22)
werner placed T5093: GnuPG: Add quick-revsig up for grabs.

The backend part is ready. Someone(tm) now needs to add it to gpgme. Extending the sign key API might be the best solution.

Wed, Oct 28, 6:25 PM · Feature Request, gnupg (gpg22)
werner added a commit to T5093: GnuPG: Add quick-revsig: rG7ec56b033647: gpg: New command --quick-revoke-sig.
Wed, Oct 28, 6:19 PM · Feature Request, gnupg (gpg22)
werner added a commit to T5093: GnuPG: Add quick-revsig: rG243f9176e799: gpg: New command --quick-revoke-sig.
Wed, Oct 28, 5:20 PM · Feature Request, gnupg (gpg22)
werner added a comment to T5093: GnuPG: Add quick-revsig.

I was already considering this. I bet some people will view it as a bug if it is possible to add something other than a fingerprint. I'll change it in the man page.

Wed, Oct 28, 5:04 PM · Feature Request, gnupg (gpg22)

Oct 28 2020

ikloecker added a comment to T5093: GnuPG: Add quick-revsig.

Minor remark: I would change this (in the documentation) to

gpg --quick-revoke-sig fpr fpr-of-signing-key [names]

as for --quick-sign-key, --quick-add-key, and --quick-set-expire, even if USER IDs can be used instead of fingerprints. We shouldn't advertise the usage of USER IDs, if we prefer the users to use the fingerprints. I suggest to also change user-id to fpr in the documentation of --quick-add-uid and --quick-revoke-uid. Using USER IDs for identifying keys is ambiguous and errorprone (e.g. if non-ASCII characters get involved, which, incidentally, is the reason why I started to work on KMail).

Oct 28 2020, 10:46 AM · Feature Request, gnupg (gpg22)

Oct 27 2020

werner edited projects for T5093: GnuPG: Add quick-revsig, added: gnupg (gpg22), Feature Request; removed gnupg.
Oct 27 2020, 3:49 PM · Feature Request, gnupg (gpg22)
werner merged task T4095: Add non-interactive --quick-revoke-sig into T5093: GnuPG: Add quick-revsig.
Oct 27 2020, 3:44 PM · gnupg (gpg22), Feature Request