GPGME: locate-keys: how identify that different keys were returned by keyservers
Giacomo Tesio
giacomo at tesio.it
Wed Dec 3 11:38:04 CET 2025
Hi, while trying to improve the usability of key lookup in Claws-Mail
with a contextual menu that let you search for pgp keys over any email,
upstream developers proposed an interesting scenario I would not know
how to handle, despite looking at the GPGME documentation.
The scenario is running "gpg --locate-keys email at example.org" with the
configured keyservers returning different keys for that email address.
While I do not know if such scenario is technically possible, and I was
unable to replicate it to test by myself (sorry), I wonder how GPGME
would behave in such situation (in particular, gpgme_get_key).
Maybe all returned keys would be added to the keyring and
GPG_ERR_AMBIGUOUS_NAME would be returned?
Or maybe GPG_ERR_AMBIGUOUS_NAME would be returned but the keyring would
stay unchanged?
Or maybe the first key returned by the keyserver "wins", and all other
keys get discarded?
In general, is this something that might happen?
And if so, how gpg handles the case?
Thanks for your help.
Giacomo
More information about the Gnupg-devel
mailing list