"http" & "finger" keyserver schemes

ms419 at freezone.co.uk ms419 at freezone.co.uk
Thu Feb 10 18:41:55 CET 2005 

On Mon, Feb 07, 2005 at 08:19:30AM -0500, David Shaw wrote:
> On Sun, Feb 06, 2005 at 08:52:00PM -0800, ms419 at freezone.co.uk wrote:
> > I don't get how to receive keys using using the "http" & "finger" 
> > keyserver schemes.
> > 
> > I tried some variations on -
> > 
> > 
> > 	gpg --keyserver finger:wk at g10code.com --recv-keys
> > 
> > 	gpg --keyserver "http://eatflamingdeath.com/~dleslie/pubkey.asc" 
> > --recv-keys
> > 
> > 
> > - but nothing I tried worked. Receiving keys from "ldap" or "hkp" 
> > keyservers is no problem -
> > 
> > 
> > 	gpg --keyserver ldap://keyserver.pgp.com --search-keys Lypkie
> > 
> > 	gpg --keyserver hkp://pgp.mit.edu --search-keys Demwell
> > 
> > 
> > Frustratingly, I couldn't find examples on the web or in the 
> > documentation of using "http" or "finger" keyserver schemes. Can anyone 
> > help?
> 
> http and finger schemes are most useful for putting in preferred
> keyserver URLs so the key can be automatically refreshed.  They're not
> really intended for use on the command line, but it's possible to fool
> the system into working on the command line by doing something like:
> 
>   gpg --keyserver finger:the_finger at example.com --recv-keys 99999999
> 
> i.e. "receive key 99999999 from finger:the_finger at example.com".  The
> key that arrives probably won't be 99999999, but it'll arrive anyway.

IC - thanks for the excellent information, David & Nicolas!

I added a "sig-keyserver-url" & "keyserver-options auto-key-retrieve" to
my gpg.conf, & sure enough! verifying data signatures retrieves my
key from my preferred keyserver, if it's absent -

I also tried signing a friend's key, but either key signing doesn't
include my "sig-keyserver-url", or I'm not correctly verifying the
signature - "gpg --keyserver-options auto-key-retrieve --list-options
show-keyserver-urls --check-sigs" doesn't retrieve the key with which I
signed my friend's key, if it's absent.

More insight?

Thanks!

Jack
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : /pipermail/attachments/20050210/b5589b0d/attachment.pgp

More information about the Gnupg-users mailing list