Debugging dirmngr (gpg --locate-key)

Wiktor Kwapisiewicz wiktor at
Fri Mar 29 10:07:54 CET 2019

On 29.03.2019 09:30, Andre Heinecke wrote:
> (...)
> Without the "pub". This is why curl / wget work but not dirmngr.

Wow, excellent analysis Andre, as usual, thank you! I'll bookmark your 
instructions as I bet they'll come in handy in the future...

As far as I know this change, that requires strict path match was done 
to avoid a specific vulnerability.

Do you think it would be reasonable to put that requirement in the Web 
Key Directory [0] spec? This way other implementations can also be 
adjusted so that WKD works consistently across different software.

Kind regards,



-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <>

More information about the Gnupg-devel mailing list