Garbled data in keyservers
Wiktor Kwapisiewicz
wiktor at metacode.biz
Mon Dec 10 14:25:08 CET 2018
On 09.12.2018 20:48, Stefan Claas wrote:
> Mind you in the 90's PGP key servers accepted also email and Usenet
> submissions, if i remember correctly. The keyword was then simple
> the word "add" in the subject line of an email.
>
> <https://www.rubin.ch/pgp/sendkey.en.html>
That's an interesting idea, it seems GnuPG has some support for sending keys via
e-mail.
From the "--keyserver" option documentation [0]:
> This is the server that --receive-keys, --send-keys, and --search-keys will
> communicate with to receive keys from, send keys to, and search for keys on.
> (...) The scheme is the type of keyserver: "hkp" for the HTTP (or compatible)
> keyservers, "ldap" for the LDAP keyservers, or *"mailto" for the Graff email
> keyserver*.
I didn't manage to get it running though ("gpg: keyserver send failed: No
keyserver available"), probably it depends on some package that I don't have
locally.
By the way validation of keys sent from e-mail would require DKIM as it's easy
to spoof "From" (that's why most solutions send verification e-mails to the
e-mail address instead of receiving it).
Kind regards,
Wiktor
[0]:
https://www.gnupg.org/documentation/manuals/gnupg/GPG-Configuration-Options.html
--
https://metacode.biz/@wiktor
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20181210/af072e5d/attachment.html>
More information about the Gnupg-users
mailing list