OpenPGP certificates have several levels of validity: They can be invalid (expired, revoked, locally disabled), neutral and marginally or fully valid. Certificates become valid by assinging ultimate trust (which should be limited to one's own keys) or by being signed by one ore more keys with trust privilege. It is perfectly OK to use neutral / non-valid certificates. KMail does allow you to do that (with a warning; as it should be). You can assign certificates to a contact (assigning to an email address would make more sense, though). The problem is that the key selection dialog allows you to select valid certificates only which doesn't make sense. If you encrypt to an email address which does not appear in any certificate then the same dialog appears (within KMail, not within KAddressbook) and then it does allow you to select a non-valid certificate... Reproducible: Always
This bug has never been confirmed for a Kontact version that is based on KDE Frameworks, except possibly a Technology Preview version 5.0.x. Those versions differ significantly from the old 4.x series. Therefore, I plan to close it in around two or three months. In the meantime, it is set to WAITINGFORINFO to give reporters the opportunity to check if it is still valid. As soon as someone confirms it for a recent version (at least 5.1, ideally even more recent), I'll gladly reopen it. Please understand that we lack the manpower to triage bugs reported for versions almost two years beyond their end of life.
Just as announced in my last comment, I close this bug. If you encounter it again in a recent version (at least 5.1 aka 15.12; preferably much more recent), please open a new one unless it already exists. Thank you for all your input.