BUG: --keyserver option may compromise anonymity
Werner Koch
wk at gnupg.org
Mon Dec 18 19:41:45 CET 2000
On Mon, 18 Dec 2000, Florian Weimer wrote:
> This is not the whole story. Although there's a comment at the top of
> hkp_ask_import() mentioning user interaction, I've never seen GnuPG
> asking before doing a HKP request when verifying signatures.
The man page does not mention, that gpg will ask whether a key should be
retrieved, the comment and the name of the function is misleading,
but this is not a user documentation.
You may want to use --no-auto-key-retrieve along with a --keyserver
in your options file.
Werner
More information about the Gnupg-devel
mailing list