New LDAP server commands

Christian Kurz shorty at getuid.de
Sat Oct 21 15:14:14 CEST 2000


On 00-10-20 Shaun Savage wrote:
> I have to ask a question. 

> I would like to add three more commands to the gpg

> --view-keys and --send-sign and --recv-trust

> **********

> --view-keys koch     and this command will list all/some of the gpg
> keys 				that match "koch" in the user_id field.

This is an operation that should not be done by GnuPG itself, but
instead by a seperate programm. Either include this feature in the
mailreader itself or use an external programm for this. (I send a
preliminary script for this already to Werner but got no answer about
it till today. ;)

> -u bar --send-sign foo      this command will send a trust signature of
> foo 				signed by bar.

What should this be good for? What do you mean with trust signature
exactly? 

> Here is an example of how a "normal" person would encrypt a e-mail.

> encrypt is enabled by default

> the person writes the letter then presses SEND
> the gpg then checks the local keyring for the email address(es)
> if not found it then checks a ldap server with the e-mail address as the

And what if you don't have a LDAP-Server configured or available? What
should happen then? 

> search filter.  If a key is found it will return it and ask(or not) to
> put the key into the local keyring.  It then encrypts the e-mail and

You trust keys that you get from a LDAP-Server? How can you be sure that
this the right key and not a compromised one? How do you make sure that
you really have the key of the person you are mailing to? 

Ciao
     Christian
-- 
While the year 2000 (y2k) problem is not an issue for us, all Linux
implementations will impacted by the year 2038 (y2.038k) issue. The Debian
Project is committed to working with the industry on this issue and we will
have our full plans and strategy posted by the first quarter of 2020.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 249 bytes
Desc: not available
Url : /pipermail/attachments/20001021/3f4da508/attachment.bin


More information about the Gnupg-devel mailing list