Question about specifics of --locate-key option

Wiktor Kwapisiewicz wiktor at
Mon Oct 15 15:28:05 CEST 2018

Oh, I forgot to mention that this is the commit adding "<" and ">" to

And the commit message:

> Enclose email addresses in brackets to ensure an exact
> match, as per the gpg man page:
>        ...
>        By exact match on an email address.
>               This is indicated by enclosing the email address in the
>               usual way with left and right angles.

This references the following guide:

It seems as if the guide suggested wrapping e-mail addresses with "<"
and ">".

Kind regards,

On 15.10.2018 15:21, Wiktor Kwapisiewicz wrote:
> Hello,
> I have a question about specifics of --locate-key option, that is how
> does it decide which lookup mechanism will additionally be called if a
> local key is not present.
> A little bit of context - I was checking how Evolution works with GnuPG
> and whether it would locate key through WKD if it's missing locally. I
> found out that even though it passes the e-mail address to -r option
> (encrypt/recipient) WKD doesn't work. A more careful look revealed that
> they pass e-mail address wrapped in "<" and ">".
> Sample call:
>   gpg2 --verbose --no-secmem-warning --no-greeting --no-tty --batch
> --yes --status-fd=61 --encrypt --armor --always-trust -u
> user at -r <test-wkd at> --output -
> This, as it turns out, does not trigger WKD. Removing "<" and ">" sure
> enough does the trick and the key is found.
> My question is: is there a documented behavior of how --locate-key
> algorithm will process it's input? Or is it implementation-defined?
> (currently I see it must be an exact e-mail address with no leading,
> trailing characters). The man page description seems to leave it as
> unspecified.
> Thank you for your time!
> Kind regards,
> Wiktor


More information about the Gnupg-users mailing list