diff --git a/src/chat_control.py b/src/chat_control.py
index abdb81f82..24e757297 100644
--- a/src/chat_control.py
+++ b/src/chat_control.py
@@ -1367,7 +1367,7 @@ class ChatControl(ChatControlBase):
 		if self.gpg_is_active:
 			keyID = contact.keyID
 			encrypted = True
-			if keyID == '':
+			if not keyID:
 				keyID = 'UNKNOWN'
 
 		chatstates_on = gajim.config.get('outgoing_chat_state_notifications') != \
diff --git a/src/common/connection.py b/src/common/connection.py
index 3368343bd..9238c88f7 100644
--- a/src/common/connection.py
+++ b/src/common/connection.py
@@ -966,7 +966,7 @@ class Connection(ConnectionHandlers):
 			if keyID ==  'UNKNOWN':
 				error = _('Neither the remote presence is signed, nor a key was assigned.')
 			elif keyID[8:] == 'MISMATCH':
-				error =  _('The contact\'s key does not match the key assigned in Gajim.')
+				error = _('The contact\'s key (%s) does not match the key assigned in Gajim.' % keyID[:8]) 
 			else:
 				#encrypt
 				msgenc, error = self.gpg.encrypt(msg, [keyID])
diff --git a/src/common/helpers.py b/src/common/helpers.py
index 3ac741226..2c1786d31 100644
--- a/src/common/helpers.py
+++ b/src/common/helpers.py
@@ -1100,7 +1100,7 @@ def prepare_and_validate_gpg_keyID(account, jid, keyID):
 	If the given keyID is None, return UNKNOWN; if the key does not match the assigned key
 	XXXXXXXXMISMATCH is returned. If the key is trusted and not yet assigned, assign it'''
 	if gajim.connections[account].USE_GPG:	
-		if len(keyID) == 16:
+		if keyID and len(keyID) == 16:
 			keyID = keyID[8:]
 		
 		attached_keys = gajim.config.get_per('accounts', account,
diff --git a/src/common/zeroconf/connection_handlers_zeroconf.py b/src/common/zeroconf/connection_handlers_zeroconf.py
index c955c1c1e..848bdff9e 100644
--- a/src/common/zeroconf/connection_handlers_zeroconf.py
+++ b/src/common/zeroconf/connection_handlers_zeroconf.py
@@ -732,6 +732,8 @@ class ConnectionHandlersZeroconf(ConnectionVcard, ConnectionBytestream):
 			keyID = gajim.config.get_per('accounts', self.name, 'keyid')
 			if keyID:
 				decmsg = self.gpg.decrypt(encmsg, keyID)
+				# \x00 chars are not allowed in C (so in GTK)
+				decmsg = decmsg.replace('\x00', '')
 		if decmsg:
 			msgtxt = decmsg
 			encrypted = True
diff --git a/src/common/zeroconf/connection_zeroconf.py b/src/common/zeroconf/connection_zeroconf.py
index 1805587b1..f26eaa0bd 100644
--- a/src/common/zeroconf/connection_zeroconf.py
+++ b/src/common/zeroconf/connection_zeroconf.py
@@ -167,14 +167,16 @@ class ConnectionZeroconf(ConnectionHandlersZeroconf):
 		if keyID and self.USE_GPG:
 			use_gpg_agent = gajim.config.get('use_gpg_agent')
 			if self.connected < 2 and self.gpg.passphrase is None and \
-				not use_gpg_agent:
+			not use_gpg_agent:
 				# We didn't set a passphrase
 				self.dispatch('ERROR', (_('OpenPGP passphrase was not given'),
 					#%s is the account name here
 					_('You will be connected to %s without OpenPGP.') % self.name))
+				self.USE_GPG = False
 			elif self.gpg.passphrase is not None or use_gpg_agent:
 				signed = self.gpg.sign(msg, keyID)
 				if signed == 'BAD_PASSPHRASE':
+					self.USE_GPG = False
 					signed = ''
 					if self.connected < 2:
 						self.dispatch('BAD_PASSPHRASE', ())
@@ -375,8 +377,13 @@ class ConnectionZeroconf(ConnectionHandlersZeroconf):
 		msgtxt = msg
 		msgenc = ''
 		if keyID and self.USE_GPG:
-			# encrypt
-			msgenc, error = self.gpg.encrypt(msg, [keyID])
+			if keyID ==  'UNKNOWN':
+				error = _('Neither the remote presence is signed, nor a key was assigned.')
+			elif keyID[8:] == 'MISMATCH':
+				error = _('The contact\'s key (%s) does not match the key assigned in Gajim.' % keyID[:8])
+			else:
+				# encrypt
+				msgenc, error = self.gpg.encrypt(msg, [keyID])
 			if msgenc and not error:
 				msgtxt = '[This message is encrypted]'
 				lang = os.getenv('LANG')