In the Digital Signatures -> Sign Document | Select Certificate dialog, when several keys are available there's no indication of which key is which. No key ID, no fingerprint, no creation date, no UID. Only when hitting View Certificate... General the creation date is displayed (Valid from), under Details there are SHA1 and MD5 sums not related to key ID or fingerprint.
Is this issue still true?
Created attachment 165765 [details] look in 7.1+ I guess it is.
Dear Eike Rathke, This bug has been in NEEDINFO status with no change for at least 6 months. Please provide the requested information as soon as possible and mark the bug as UNCONFIRMED. Due to regular bug tracker maintenance, if the bug is still in NEEDINFO status with no change in 30 days the QA team will close the bug as INSUFFICIENTDATA due to lack of needed information. For more information about our NEEDINFO policy please read the wiki located here: https://wiki.documentfoundation.org/QA/Bugzilla/Fields/Status/NEEDINFO If you have already provided the requested information, please mark the bug as UNCONFIRMED so that the QA team knows that the bug is ready to be confirmed. Thank you for helping us make LibreOffice even better for everyone! Warm Regards, QA Team MassPing-NeedInfo-Ping
Read the comment above :p (status should had been updated though).
You can always get more info per "view certificate". I don't believe the fingerprint is used by anyone but perhaps the issuing date. And we could save space with icons (and tooltips) for the certificate usage. Easyhack with medium to interesting difficulty. xmlsecurity/uiconfig/ui/selectcertificatedialog.ui xmlsecurity/source/dialogs/certificatechooser.cxx
There's no key ID under View Certificate for OpenPGP keys either, only the first uid (Issued to / Issued by) and Valid from / Valid to for each key. Furthermore, under Tools -> Options -> User Data, Cryptography, there are no details for the available keys whatsoever. And fingerprints *are* used to identify keys, at least the so-called long ID (last 16 hex digits) should be displayed along.
If you think the fingerprint is widely used as primary identifier we should in fact add it to the main window. Everything else is well suited under the additional info.
The certification dialog is a bit clumsy and I wonder if we can get rid of some buttons. The View Certification dialog maybe could be dropped in favor of detailed information in a children node (the simple list would become a tree). The Remove function could be done per delete and a context menu, leaving "Sign Document..." which could be renamed "Add signature" and the "Start Cert. Manager" that could be moved out of the dialog into an extra command (not ideal though). Point is that Digital Signature is actually just View Signatures with the on-top option to add another. Would be nice to simplify the workflow.
With the commit proposed to revert in bug 161871, we could get back the "Expiration date" column. But many people don't set an expiration date. So I'd agree, that the creation date, GPG key ID and possibly primary email address would be more helpful. BE SURE TO CHECK THE FOLLOWING POINTS WHEN MAKING CHANGES TO THE CERTIFICATE CHOOSER DIALOG: For X.509 certificates (from Mozilla profile) there should also be proper values in newly created columns. Else the dialog might look broken when people use X.509 instead of GPG. And the same dialog is being used for PDF signing (X.509), ODF signing (X.509 + GPG) and ODF encryption (GPG). So all scenarios should be checked when making changes. Also there's no need to squeeze everything into a dialog window less than 700 pixels wide, when most people have 1920 pixel wide displays. So I'm working on making the dialog window resizeable with all UIs (vclplugin). And maybe then we should also set a larger default size. (currently maximizing the dialog only works with `SAL_USE_VCLPLUGIN=gtk3`) And there are currently two related bugs: bug 161872: regression: ODF X.509 signing doesn't work since libxmlsec 1.2.37 -> 1.3.1 bug 161908: Certificate Chooser shows only one X.509 per email