RFE: --update-before-use

Werner Koch wk at gnupg.org
Thu Jun 14 21:06:39 CEST 2012

On Thu, 14 Jun 2012 19:48, rjh at sixdemonbag.org said:

> We already have something similar to this in --auto-key-retrieve, and
> the same warnings about that option probably also apply here.  The
> principal difference would seem to be that auto-key-retrieve only
> fetches certificates that are not on the local keyring, while

That is not quite true:  You should be able to use

  --auto-key-locate nodefault,keyserver -r foo at example.org

and the key will be looked up only at the keyserver.  It might be
required to clear the auto-key-locate list first by using

  --no-auto-key-locate --auto-key-locate nodefault,keyserver -r foo at example.org

The documentation needs some examples, though.  IIRC, I implemented it
for the generic kdns keyserver helper.  The goal was to always retrieve
a fresh copy of the key from the DNS. However, it should also work with
other methods.



Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.

More information about the Gnupg-users mailing list