fetching the requested key from keyservers
adi at hexapodia.org
Wed Jan 29 21:21:50 CET 2014
If the user asks for a specific fingerprint (giving the full hash to
--recv-key), it would be nice if gnupg checked the returned data from
the keyserver and only accepted keys matching the requested fingerprint.
Currently (1.4.14 and 2.0.20) whatever the keyserver returns is added to
pubring, without filtering.
It would be really lovely to get the patch for this issue merged; while
I'm not a gnupg developer, I did review the patch and it looks good to
More information about the Gnupg-devel