Smartcards & broken GPG support

  • 1 reply
  • 0 have this problem
  • 91 views
  • Last reply by dusk
  • Solved

Hello,

I am writing this message in regards to Thunderbird's GPG support after v68, in the last hope that someone suggests a solution that moves me away from version 68. I consider the current state broken.

My PGP keys reside on a Yubikey, but smartcard usage has been broken after v68, as none of the supposedly correct setups work. It should work pretty much out of the box, but it doesn't. The whole idea of moving away from Enigmail without having a properly, fully implemented support, including for smartcards, or at least for working with GPG, was utterly misguided, IMO, and broke the once nice client.

I enabled gpg usage and fetching in Settings, I imported my pubkeys to Thunderbird's PGP manager, then added my external key (with GPG). Everything looks fine. But when I click an encrypted message, I get "The secret key that is required to decrypt this message is not available". Nah, it's available and it's there! The pinentry isn't appearing at all and this is the result. I believe this is TB's fault, as the pinentry correctly appears with everything else I do, also with TB 68 + Enigmail. The setup is the same. I am using the latest Gpg4win.

Settings:

  • mail.openpgp.allow_external_gnupg - true
  • mail.openpgp.fetch_pubkeys_from_gnupg - true
  • mail.openpgp.alternative_gpg_path - has no effect whether set or not

gpg-agent.conf:

    enable-win32-openssh-support
    default-cache-ttl-ssh 900
    max-cache-ttl-ssh 1800
    no-allow-external-cache
    default-cache-ttl 300
    max-cache-ttl 3000
    ignore-cache-for-signing
    allow-loopback-pinentry

gpg.conf:

    utf8-strings
    auto-key-locate local
    use-agent

FYI, adding "pinentry-program" has no effect on solving the problem, whether set or not.

Your suggestions are welcome!

Chosen solution

I tried tweaking the settings more and more by specifying the GPGME version:

mail.openpgp.load_untested_gpgme_version 45

This finally made it work. The error console wasn't displaying any useful diagnostics. This is clearly broken and needs to be fixed. I always had this problem when trying out the "new" Thunderbird versions, this time I persisted until solved. But it's supposed to just work. But I am really satisfied that I can finally use the new versions.

Modified by dusk
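
A way to check the GnuPG side of this setup independently of Thunderbird, as an added example that is not part of the original posts: it parses `gpg --with-colons --list-secret-keys` output and reports which secret keys live on a smartcard, using field 15 of the `sec`/`ssb` records as described in GnuPG's doc/DETAILS. The sample output, key IDs and card serial are constructed; the function names are hypothetical.

```python
import subprocess

# Constructed sample of `gpg --with-colons --list-secret-keys` output.
# Key IDs and the card serial number are made up for illustration.
SAMPLE = """\
sec:u:4096:1:1111222233334444:1500000000:::u:::scESC:::D2760001240103040006123456780000:::23::0:
uid:u::::1500000000::::Example User <user@example.org>:
ssb:u:4096:1:5555666677778888:1500000000::::::e:::D2760001240103040006123456780000:::23:
ssb:u:4096:1:9999AAAABBBBCCCC:1500000000::::::a:::#:::23:
sec:u:255:22:DDDDEEEEFFFF0000:1600000000:::u:::scESC:::+::ed25519:::0:
"""

def list_secret_keys(gpg="gpg"):
    """Return live colon-format output; `gpg` may be a full path to gpg.exe."""
    result = subprocess.run(
        [gpg, "--batch", "--with-colons", "--list-secret-keys"],
        capture_output=True, text=True, check=True)
    return result.stdout

def classify(colon_output):
    """Classify each sec/ssb record by where its secret material is held."""
    keys = []
    for line in colon_output.splitlines():
        f = line.split(":")
        if f[0] not in ("sec", "ssb") or len(f) < 15:
            continue
        token = f[14]  # field 15: card serial, '#' for a bare stub, '+' or empty
        if token == "#":
            location, serial = "stub", None    # no secret material, no card
        elif token in ("", "+"):
            location, serial = "local", None   # secret key stored on disk
        else:
            location, serial = "card", token   # secret key held by a smartcard
        keys.append({"keyid": f[4], "caps": f[11],
                     "location": location, "card_serial": serial})
    return keys

def card_decryption_keys(keys):
    """Key IDs that are on a card and carry this key's own 'e' capability."""
    return [k["keyid"] for k in keys
            if k["location"] == "card" and "e" in k["caps"]]

if __name__ == "__main__":
    parsed = classify(SAMPLE)  # swap in list_secret_keys() for live data
    for k in parsed:
        print(k)
    print("card decryption keys:", card_decryption_keys(parsed))
```

If the encryption subkey shows up here as held by the card while Thunderbird still reports the secret key as unavailable, the GnuPG configuration is not where the lookup fails.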