Change Details

Revoked User IDs are offered for encryption, which is confusing to users. This is not always the case, it seems as if it depends on if they have been used in the past. Additionally, the icons used for revoked UIDs in the sign/encrypt dialog may change and are partially wrong. How to reproduce: Encrypt something selecting one of the uids of a certificate with at least 2 of them. Then revoke that UID. Start to encrypt a message or go to the recipients tab of the notepad. Check which UIDs are offered: {F23992974} In case it is relevant, this is the window which opens if you choose the icon on the right of the drop down menu in the same case: {F23993018} Here all user-IDs are offered, be they valid or not, even if the UID was never selected for encryption. If I remember correctly, we planned to show revoked uids only in the extended filter dialog window? (so that user missing an ID they encrypted to before can find it there if they look.) This looked at first as if it was a regression, as the revoked certificates were not offered in VSD 3.3.0, see {T7183}. But if you have used the revoked UID before, it ist offered even in 3.3.0. And you can encrypt to it, too, although with a red encrypt button. And to add another aspect: what is displayed changes if you wait long enough: {F23994715} Note that UID-Zero is *not* revoked. It seems both UIDs of one and the same key get the same icon but a different background color. Why does the Icon change much later than the color? Why is the icon different in the "sign as" and the "encrypt for me" drop downs? The behavior for "encrypt to others" is different, when starting to type a name there, only valid IDs are offered. Only choosing the icon for the extended filter results in all UIDs beeing shown.

Revoked User IDs are offered for encryption, which is confusing to users. This is not always the case, it seems as if it depends on if they have been used in the past. Additionally, the icons used for revoked UIDs in the sign/encrypt dialog may change and are partially wrong. How to reproduce: Encrypt something selecting one of the uids of a certificate with at least 2 of them. Then revoke that UID. Start to encrypt a message or go to the recipients tab of the notepad. Check which UIDs are offered: {F23992974} In case it is relevant, this is the window which opens if you choose the icon on the right of the drop down menu in the same case: {F23993018} Here all user-IDs are offered, be they valid or not, even if the UID was never selected for encryption. If I remember correctly, we planned to show revoked uids only in the extended filter dialog window? (so that user missing an ID they encrypted to before can find it there if they look.) This looked at first as if it was a regression, as the revoked certificates were not offered in VSD 3.3.0, see {T7183}. But if you have used the revoked UID before, it ist offered even in 3.3.0. And you can encrypt to it, too, although with a red encrypt button. Edit 2025-06-11: the following part was wrong, I'd deleted the secret key in between which of course explains it… I'll delete that part to make the ticket more readable. But it seems the issue goes away if you delete the secret key and then reimport it.

Revoked User IDs are offered for encryption, which is confusing to users. This is not always the case, it seems as if it depends on if they have been used in the past. Additionally, the icons used for revoked UIDs in the sign/encrypt dialog may change and are partially wrong. How to reproduce: Encrypt something selecting one of the uids of a certificate with at least 2 of them. Then revoke that UID. Start to encrypt a message or go to the recipients tab of the notepad. Check which UIDs are offered: {F23992974} In case it is relevant, this is the window which opens if you choose the icon on the right of the drop down menu in the same case: {F23993018} Here all user-IDs are offered, be they valid or not, even if the UID was never selected for encryption. If I remember correctly, we planned to show revoked uids only in the extended filter dialog window? (so that user missing an ID they encrypted to before can find it there if they look.) This looked at first as if it was a regression, as the revoked certificates were not offered in VSD 3.3.0, see {T7183}. But if you have used the revoked UID before, it ist offered even in 3.3.0. And you can encrypt to it, too, although with a red encrypt button. And to add another aspect: what is displayed changes if you wait long enough:Edit 2025-06-11: the following part was wrong, I'd deleted the secret key in between which of course explains it… I'll delete that part to make the ticket more readable. {F23994715} Note that UID-Zero is *not* revoked. It seems both UIDs of one and the same key get the same icon but a different background color. Why does the Icon change much later than the color?But it seems the issue goes away if you delete the secret key and then reimport it. Why is the icon different in the "sign as" and the "encrypt for me" drop downs? The behavior for "encrypt to others" is different, when starting to type a name there, only valid IDs are offered. Only choosing the icon for the extended filter results in all UIDs beeing shown.