Question about specifics of --locate-key option
wiktor at metacode.biz
Mon Oct 15 15:21:26 CEST 2018
I have a question about specifics of --locate-key option, that is how
does it decide which lookup mechanism will additionally be called if a
local key is not present.
A little bit of context - I was checking how Evolution works with GnuPG
and whether it would locate key through WKD if it's missing locally. I
found out that even though it passes the e-mail address to -r option
(encrypt/recipient) WKD doesn't work. A more careful look revealed that
they pass e-mail address wrapped in "<" and ">".
gpg2 --verbose --no-secmem-warning --no-greeting --no-tty --batch
--yes --status-fd=61 --encrypt --armor --always-trust -u
user at example.com -r <test-wkd at metacode.biz> --output -
This, as it turns out, does not trigger WKD. Removing "<" and ">" sure
enough does the trick and the key is found.
My question is: is there a documented behavior of how --locate-key
algorithm will process it's input? Or is it implementation-defined?
(currently I see it must be an exact e-mail address with no leading,
trailing characters). The man page description seems to leave it as
Thank you for your time!
More information about the Gnupg-users