looking up pgp keys
timprepscius at gmail.com
Mon Sep 9 03:53:49 CEST 2013
Actually, I will ask one more question.
It is sort of off topic, well, it *is* off topic, but I think it is
So I'm writing this secure e-mail web system.
I'm currently integrating pgp for end to end security.
I'm at the point now where I need to look up recipients' public keys.
Here are 3 options:
1. web mail contacts web server, says, "hey give me tom's public
key," web server contacts pgp-servers/recipient server, sends back key
2. web mail contacts pgp-servers directly, says, "hey give me tom's key."
3. web mail first tries to contact recipient mail server and ask it
(assuming it is running a key server), then resorts to public pgp
So I am tending to like #1 because:
1. web server will make request, real requester IP of web-mail client
won't be known.
2. web server will prob be on faster connection than client
But I also like #2 because:
1. web mail client can talk to many servers and validate it gets same
result from all.
Does anyone have any thoughts on this issue?
On 9/8/13, Tim Prepscius <timprepscius at gmail.com> wrote:
> &options=mr it is.
> On 9/8/13, Daniel Kahn Gillmor <dkg at fifthhorseman.net> wrote:
>> On 09/08/2013 07:29 PM, Tim Prepscius wrote:
>>> I'm looking at the pgp mit server and the
>>> I do not see a way of forcing the search results format from html into
>>> something more conducive to machine parsing. (aka json)
>>> I've tried random things like: &format=json, &fmt=json, &plzcanhavjson=1
>>> None have worked. Parsing the html isn't just a big deal, but ....
>>> Does anyone know a way of doing this?
>> SKS is the dominant implementation of OpenPGP keyserver infrastructure
>> these days. most of the servers in the pool you're referring to run
>> SKS. So the best place to ask this kind of question is on the SKS
>> development list <sks-devel at nongnu.org>.
>> That said, the "machine-parsable" format is of a much older vintage than
>> json :)
>> The spec for HKP suggests that you need to supply the "mr" variable in
>> the query string:
>> and then read the line-oriented text-based output format:
More information about the Gnupg-devel