Regression between 7.6 and libreoffice-24.2.0.0.alpha1 due to: https://git.libreoffice.org/core/+/9f327102c435887bbae650b3a573f44500b6f534%5E%21/ Columns broken: Since the commits the columns don't work at all. All but the first column miss actual content. Discussion: Type actually useful!? I think the Type column (X.509/GPG) is actually useful. When having X.509 and GPG set up, a user might want to explicitly use X.509 or GPG for certain documents. Usually because the document is for a person which only has X.509 or GPG. So I would keep this column. Discussion: Usage still needed I agree, that the "Usage" (sign and/or encrypt) ideally should not be needed here. But currently the Certificate Chooser lets users choose encrypt-only keys for signing and the other way around. When selecting a key with a wrong "Usage" the cryptographic process fails. To make this less painful the "Usage" column should stay for the moment. But the perfect solution would be a proper preselection which only lists the keys suitable for the given use case (sign or encrypt a document). So I'd vote to revert the commit. And when a preselection for the "Usage" (sign/encrypt) has been implemented, the part dropping the "Usage" column can again be cherry-picked. -- Bug moved out of this meta bug: (OpenPGP) - [META] OpenPGP bugs and enhancements Bug 158839 comment 1, section: CertificateChooser dialog
Reverting 9f327102c works well on the current master and solves the listed problems. Tested master at: https://git.libreoffice.org/core/+/b32aa67f17a645c1d6f2b544d315f12bad123547/
Wasn't X509 for PDF only? "All but the first column miss actual content." is hard to follow.
(In reply to Heiko Tietze from comment #2) > Wasn't X509 for PDF only? Beside PDF files you can also sign ODF files with X.509. ODF X.509 signing is just broken since LO 24.2, but it worked fine in 7.6. And I hope to have this fixed soon. regression: ODF X.509 signing doesn't work since libxmlsec 1.2.37 -> 1.3.1 https://bugs.documentfoundation.org/show_bug.cgi?id=161872 When signing ODF files GPG and X.509 usage is possible. So the list shows X.509 and GPG keys in the same dialog. > "All but the first column miss actual content." is hard to follow. Only the first column "Issued to" has content. The remaining columns "Issued by" and "Expiration date" are left empty since 9f327102c. There's simply no text in these columns.
(In reply to Moritz D. from comment #0) > [...] > And when a preselection for the "Usage" (sign/encrypt) has been implemented, > the part dropping the "Usage" column can again be cherry-picked. Just as a note for a follow up ticket: I had another thought about this. And maybe we shouldn't even try to implement pre-filtering by the usage. It could irritate users when keys are not being shown. Instead there should be a proper error when the user selects a key which doesn't have the needed Usage attributes (instead of letting the cryptographic procedure crash as it currently does).
(In reply to Moritz Duge from comment #3) > Only the first column "Issued to" has content. > > The remaining columns "Issued by" and "Expiration date" are left empty since > 9f327102c. There's simply no text in these columns. That's weird. The mentioned patch just hides the two columns to improve usability. It was a conscious decision and just reverting sounds wrong to me. But I haven't checked the issue, so no confirmation, just ranting ;-).
I don't agree with the prefiltering part due to the same reason you proposed which is conscious, the decision to remove the usage & type columns were mainly to appeal to the most % of the use cases leaving the less used details in the "view certificate" dialog and back then we had a couple of meetings to decide on what to keep/remove. I think that for the usage part, usually in cases where two different keys used for encryption vs signing it gets added as a subkey (and thus in the UI both will have the same entry, but the subkey will be automatically used according to whether it's in encryption or signing) Also in cases for splitted certificates, a large margin of those usually include that usage part in the comment attribute of the certificate (since in other cert usage cases you are only seeing the comments) which is also viewed directly in the dialog The question is what % would the case the two keys are separate of the total usage cases (and it'll be frustrating not to have the usage columns) and view certificate dialog won't be enough. I agree that the dialog in case a sign only cert was used for encryption should include more information anyways rather than just "OpenPGP key not trusted, damaged, or encryption failure". These are my thoughts tho based on the earlier discussions we had and your comments, some details are maybe missing but maybe hossein can provide his input as well
(In reply to Heiko Tietze from comment #5) > It was a conscious decision and just reverting sounds wrong to > me. But I haven't checked the issue, so no confirmation, just ranting ;-). Where was this decided? Can you point me to some minutes or bug # ?
Will revert that commit for now. As Moritz pointed out the commit broke the columns in all backends except GTK3. Needs more discussion, and if it's decided that Type and Usage columns are indeed to be removed, a proper fix.
Samuel Mehrbrodt committed a patch related to this issue. It has been pushed to "master": https://git.libreoffice.org/core/commit/a19aa4754651e685ca07131bfa454c3360191269 tdf#161871 Revert "Removed Type and Usage Columns from Certificate Chooser" It will be available in 25.2.0. The patch should be included in the daily builds available at https://dev-builds.libreoffice.org/daily/ in the next 24-48 hours. More information about daily builds can be found at: https://wiki.documentfoundation.org/Testing_Daily_Builds Affected users are encouraged to test the fix and report feedback.
Samuel Mehrbrodt committed a patch related to this issue. It has been pushed to "libreoffice-24-2": https://git.libreoffice.org/core/commit/d9e065b8fada80b7c7c413ce27b744af19c407c6 tdf#161871 Revert "Removed Type and Usage Columns from Certificate Chooser" It will be available in 24.2.6. The patch should be included in the daily builds available at https://dev-builds.libreoffice.org/daily/ in the next 24-48 hours. More information about daily builds can be found at: https://wiki.documentfoundation.org/Testing_Daily_Builds Affected users are encouraged to test the fix and report feedback.
Samuel Mehrbrodt committed a patch related to this issue. It has been pushed to "libreoffice-24-8": https://git.libreoffice.org/core/commit/0b80db94d445434ab12002b9ba11c15f00accc19 tdf#161871 Revert "Removed Type and Usage Columns from Certificate Chooser" It will be available in 24.8.1. The patch should be included in the daily builds available at https://dev-builds.libreoffice.org/daily/ in the next 24-48 hours. More information about daily builds can be found at: https://wiki.documentfoundation.org/Testing_Daily_Builds Affected users are encouraged to test the fix and report feedback.
Samuel Mehrbrodt committed a patch related to this issue. It has been pushed to "libreoffice-24-8-0": https://git.libreoffice.org/core/commit/2a345ecd880fa009b58231a0cb958ed85c05610c tdf#161871 Revert "Removed Type and Usage Columns from Certificate Chooser" It will be available in 24.8.0. The patch should be included in the daily builds available at https://dev-builds.libreoffice.org/daily/ in the next 24-48 hours. More information about daily builds can be found at: https://wiki.documentfoundation.org/Testing_Daily_Builds Affected users are encouraged to test the fix and report feedback.