Debugging dirmngr (gpg --locate-key)
Wiktor Kwapisiewicz
wiktor at metacode.biz
Fri Mar 29 10:07:54 CET 2019
On 29.03.2019 09:30, Andre Heinecke wrote:
> (...)
> Without the "pub". This is why curl / wget work but not dirmngr.
Wow, excellent analysis Andre, as usual, thank you! I'll bookmark your
instructions as I bet they'll come in handy in the future...
As far as I know this change, that requires strict path match was done
to avoid a specific vulnerability.
Do you think it would be reasonable to put that requirement in the Web
Key Directory [0] spec? This way other implementations can also be
adjusted so that WKD works consistently across different software.
Kind regards,
Wiktor
[0]: https://datatracker.ietf.org/doc/draft-koch-openpgp-webkey-service/
--
https://metacode.biz/@wiktor
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <https://lists.gnupg.org/pipermail/gnupg-devel/attachments/20190329/bee31a50/attachment.sig>
More information about the Gnupg-devel
mailing list