This page is intended for feature ideas and descriptions that could be implemented in the future.
Make it easier to create of keys larger than 3072 bits
Gpg4win/GPA should make it easier to create RSA keys with more than 3072bits. User apap suggests making 4096 bits the default keysize for an RSA key and allowing the user to go much higher (upto 8K key at least) in the advanced configuration "create new key" input GUI.
Guide first time users
When starting Kleopatra for the first time on Windows it currently starts up with an empty Window and users may felt lost or may not know what do to next. Kleopatra should give users an idea what to do next, e.g. generated a certificate or configure some keyservers.
Improved Smart Card handling
GUI for Revocation certificates
Kleopatra should allow you to generate and publish a revocation certifcate for your certificates.
Kleopatra is KDE Software and thus available in 50 Languages. There could be optional "Language pack downloads" made available for those languages or at least for all the languages that the Gpg4win installer supports.
Better certificate selection dialog
The selection dialog could be improved. The default view should be very simple, but showing something that motivates people to look into the second and third layer of information.
- Layer: Just a graded information how well the fit of certificates is.
- Layer: Showing the accumulated information per email address.
- Layer: Showing the default information per email, address like encryption method, last contact via the certification, trustlevel, grade of algorithms.
Ability to decrypt files that do not have the .gpg extension in their filename
As of Feb 2014, trying to decrypt a file without the .gpg extension results in the somewhat missleading error message "Could not determine whether this is an S/MIME or an OpenPGP signature - maybe it is not a signature at all?"
Note: Microsoft dropped the exchange client extension interface that GpgOl used in Outlook 2010. Because of this there are now basically two Versions of GpgOl one for Outlook 2010 and later Versions and another one for Outlook 2003 - 2007. Please mark feature ideas for those versions with an (Ol 2010+)
PGP/MIME (Ol 2010+)
Yes that one,.. The big problem here is that Outlook and Exchange mangle the MIME structure and we have to use tricks to correctly implement it. Full support for PGP/mime in an Outlook and Exchange environment might even be impossible. Another problem are restrictions on the way how we can display decrypted and/or verified Data in a way that is secure and user friendly.
In Body Sign/Encrypt (OpenPGP) (Ol 2010+)
For the basic support it would be nice if there was an option to combine the sign encrypt options to create a combined PGP Message. This feature would only be available for OpenPGP (similar as with the clipboard).
Support for 64bit Outlook (Ol 2010+)
Compile, package and test a version of GpgOL for 64bit versions of Outlook. Probably Outlook 2013 as this seem to be more widespread.
- Checkbox for "Show Passphrase" A checkbox that disables the obfuscation of the Passphrase in the input field. This could help with the input of complex passphrases if you are sure that no one watches over your Shoulder ;)
- Add these features also to the GTK+ Version of the Pinentry.
- Improve the native Windows Passphrase which is part of the vanilla intaller. For example it could be tied to the Windows taskbar, so that a user knows where to look for it.
- Or create a static pinentry-qt4 binary that does not depend on the Qt DLL's and could be included in the vanilla / light installers.
Improved Encoding handling
- Test / fix filename problems for gpgEx with Unicode characters (e.g. issue1324)
- Fix console output encoding of gpg
- Fix gpgol < 2010 encoding Problems
- Proactively hunt encoding Problems and tackle them.
File extension handling:
Gpg4win should register file extensions like .asc .gpg .pk7 etc. and open an appropriate Software / Dialog to handle those files when they are double clicked in the Windows explorer. FWIW, gpgme now has an identify feature which works similar to file(1) by looking at the content of a file. As of now it is able to detect binary CMS message and armored PGP messages. We should extend that to binary PGP messages.
Comprehensive Video Tutorials
It would be nice to have a set of clear and short Video tutorials that explain a single use case. With the idea that you can link to those if you want to send someone a short "User friendly" explanation how they can securely communicate with you. Some ideas:
- How to generate an OpenPGP Key and distribute your public key.
- How to encrypt/sign files
- How to handle encrypted and signed files
- How to use the rudimentary Outlook 2010 / 2013 support
- Working with encrypted Text and the Clipboard.
It seems some people would benefit from an interactive walkthrough to some of the usually stages. Or an interactive question and answer session with screencast (== webinar/webworkshop? :) )
Remove necessity to reboot in the installer:
The Gpg4win installer should get a proper handling of running processes and make sure that everything is killed correctly when updating / uninstalling so that the Windows 98'ish "Reboot Now" will usally not anymore happen.