Direct LDAP access
David Shaw
dshaw at jabberwocky.com
Wed Jul 13 00:23:26 CEST 2005

On Tue, Jul 12, 2005 at 10:31:48AM -0500, Wes wrote:
> I hope this isn't a duplicate question. I can't believe it hasn't come up
> before, but I searched the 70MB archive file and found nothing.
>
> I tweaked (contorted?) our LDAP server to respond to PGP/GPG key retrieval
> requests. However, it appears that GPG can only access the key server for
> the purposes of importing a key into (or exporting from) a key ring. I can
> find no way to get GPG to encrypt or decrypt using direct queries to the
> directory instead of using a disk file key chain.

A very easy way to do this is to write your code to "import" the key
from the LDAP server into a brand new empty keyring, and then delete
it afterwards.

> We need to be able to do encryption and decryption with GPG directly
> accessing LDAP to get the keys. Additionally, since the directory is
> hierarchical and a given key could occur in multiple subtrees, we need to be
> able to specify the searchbase instead of relying on the cn=PGPServerInfo
> entry.

The current LDAP code can specify the base. Use something like

   keyserver-options basedn=whatever-you-like

David
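
The import-into-an-empty-keyring approach and the basedn option from the reply above, combined in one script. This is an added example, not code from the original post or from GnuPG. It assumes a gpg build whose LDAP keyserver support accepts `keyserver-options basedn=` as the reply describes; the function names are hypothetical, and the caller supplies the LDAP URL, base DN and fingerprint.

```shell
#!/bin/sh
# Added example (not from the original post). Host, base DN and key
# fingerprint are supplied by the caller; nothing here is site-specific.

# Run "$@" with GNUPGHOME set to a fresh, empty directory (mktemp -d creates
# it mode 0700) and remove the directory when the command finishes or fails.
with_ephemeral_keyring() {
    (
        GNUPGHOME=$(mktemp -d) || exit 1
        export GNUPGHOME
        trap 'rm -rf "$GNUPGHOME"' EXIT
        trap 'exit 130' HUP INT TERM
        "$@"
        exit $?
    )
}

# Hypothetical helper: import one key from the LDAP keyserver under an
# explicit base DN, then encrypt stdin to it (ciphertext on stdout).
_fetch_and_encrypt() {
    ldap_url=$1; basedn=$2; fpr=$3
    gpg --batch --keyserver "$ldap_url" \
        --keyserver-options "basedn=$basedn" \
        --recv-keys "$fpr" >&2 || return 1
    # A new keyring has no trust data, so the directory is the only trust
    # anchor here. Pass a full fingerprint, not a short key ID.
    gpg --batch --trust-model always --armor --encrypt --recipient "$fpr"
}

# Usage: encrypt_via_ldap ldap://HOST BASE_DN FINGERPRINT < plain > cipher.asc
encrypt_via_ldap() {
    with_ephemeral_keyring _fetch_and_encrypt "$@"
}
```

Because the keyring lives only for one call, every encryption re-fetches the key from the chosen subtree, so a key removed or replaced in the directory takes effect on the next run.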