split from {https://dev.gnupg.org/T6702}
**Usecase**:
- Users should be able to use invalid/expired/disabled certificates for both signing and encryption
  - Invalid: users might have an S/MIME cert for a recipient, but not the root/intermediate certificate, and still need to send information
  - Expired: especially renewal of S/MIME certificates might take a while, but PGP recipients might also have forgotten to extend or publish their extended cert
  - Disabled: the cert could be temporarily enabled instead, but as this is easy to implement, it can be used once that way without the need to use the CLI
**Current state** of offered PGP/S/MIME certs:
- GpgOL (security dialog)
  - "sign as": expired/revoked/disabled not offered, invalid forbidden (OK button disabled)
  - "encrypt to": all offered, invalid/disabled/expired/revoked forbidden (OK button disabled)
- Kleopatra (tested with sign/encrypt file, probably the same for notepad/etc.)
  - all offered (via "show certificate list"), invalid/disabled/expired/revoked forbidden (OK button disabled)
**Implementation**:
- gpg
  - a "force/always-trust" flag is needed, which also permits using expired certs (would also be helpful for testing)
- Kleopatra and GpgOL
  - add a checkbox "Lower Security/Sicherheit verringern" next to the disabled OK button
  - should only be displayed if a forbidden cert (only invalid/expired/disabled, not revoked) is selected
  - tooltip should show more explanation of the implications (especially regarding VS-NfD compliance)
  - if checked
    - the OK button should be re-enabled (which adds the "force/always-trust" flag; needs this flag implemented in `gpg`)
    - on OK, an additional warning/confirmation dialog with an explanation of the implications should be displayed
  - add a registry setting flag to disable this checkbox (as some admins might not want to allow their users to do this)
- Kleopatra
  - the difficulty of adding forbidden certs is intentional (to incentivise the proper fix of the problem, e.g. cert renewal)
- GpgOL
  - add the forbidden certs (only invalid/expired/disabled, not revoked) to "sign as" as well
  - ensure that the security dialog is shown if a forbidden cert is chosen (probably already works that way)
  - ideally on "reply all", the forbidden certs should be preselected in the security dialog