Pause before action

Is there a way to have Kleopatra pause before acting on a certificate? In other words when importing a certificate it shows you the details of it and then allows you to hit yes or no? The reason I ask this is because I inadvertently revoked my own key. I was trying to see what it showed in the rev certificate and unfortunately Kleopatra took off with it and revoked it before I could stop it. Thankfully it didn’t send it out so was just a bit of time to re-import it.

Anyway I was just wondering if there was a way when if imports a key or certificate to prompt before proceeding.


Hi Mark,

as afar as I know technically it is not possible to “inspect” a certificate right now.
But we’ll keep this use case around.

Note that usually a revocation certificate does not work out of the box,
it has a safety switch.

“”“To avoid an accidental use of this file, a colon has been inserted
before the 5 dashes below. Remove this colon with a text editor
before importing and publishing this revocation certificate.

So you did remove the safety and then tried to open with kleopatra?


Hi Bernhard,

That would be nice if you can figure out a way. That day I also found out why the revocation certificates Kleopatra creates has that safety switch. The ones Enigmail do not (and that is the one it imported).

On the topic of revocation certificates I noticed that some of mine have the certificate details such as key type, creation date of key, etc and others do not. Both were created with Kleopatra so not sure why the difference. I know it’s not a big deal but just curious.


Hi Mark,

okay, wouldn’t this be worth a report to Enigmail, to ask why they are creating revocation certificates without safety switch?

The difference in details probably are related to different GnuPG versions (the crypto engine), is there a correlation between “creating date” and level of detail included?


I probably should report it to Enigmail but not sure how much it is being worked on with Thunderbird going to their own PGP support in the next version. It was totally my fault for clicking on it. I guess I just thought it would warn before revoking it.

The details difference was odd to me as they both created with Kleopatra. The only thing I can surmise is that one was created when the key was first created and the other was I created when I changed the expiration date. (wasn’t sure if I needed a new one or not as the original one had that date in it)


Re: revocation certificate safety switch:
It makes sense to report the use case to Enigmail, because otherwise they may not do that nicely in their new support.

Re: revocation cert with details and without
Can you say which one is which?

I just didn’t think there was really any updates to Enigmail being it goes away with Thunderbird 78. I will mention it though just in case

The one that was created at the same time as the original key had the extra details. The one I just (re) created did not. I can tell by the file dates.