keys.openpgp.org not sending confirmation email
lists at binarus.de
Tue Sep 17 09:12:12 CEST 2019
On 16.09.2019 12:58, Claus Assmann wrote:
> On Mon, Sep 16, 2019, Binarus wrote:
>> Surname, Forename | Company <email at company.de>
>> Commas are not allowed as part of email addresses. While I knew that, I
> unless quoted, e.g.,
> "Surname, Forename | Company" <email at company.de>
Thanks, Claus, for the clarification / correction, and for your continuous support and expertise.
Additionally, I just did a quick test. Using Thunderbird, I sent two messages to somebody else, one from an account where the name contained a comma and another one from an account where the name only contained [a-zA-Z] and spaces. Interestingly enough, Thunderbird did its thing right, at least in generating the "FROM:" line. It wrapped the name in quotes in the first case and left away the quotes in the second case. In other words, the receiver got two messages with "FROM:" lines which were formatted differently:
FROM: "Surname, Forename | Company" <email at company.de>
FROM: Forename Surname <email at company.de>
So Thunderbird seems to add the quotes automatically if necessary, and I am asking myself why Enigmail doesn't. I am not sure (and can't test at the moment) how GnuPG would behave if given a problematic name when generating a key; I hope it would give a warning or would add the quotes automatically.
>From a quick glance at the web API (VKS interface) and at the HKP implementation of keys.openpgp.org, I got the impression that there isn't a status code or return value from which tools like Enigmail could see that there was a problem with parsing a key's ID. Perhaps the extended status codes in the HKP protocol could be used to return that sort of error, but even that is questionable, and I guess that this is not implemented anywhere.
In other words, the key server currently is not able to report such errors when a key is being uploaded via HKP or the web API. Am I correct here? If yes, should we consider this a design flaw in these key server APIs? After all, tools like Enigmail then wouldn't have the chance to report such errors to the user when trying to upload a key. Vincent, could you eventually elaborate a bit on that problem?
If we only would be able to read every RFC which affects any software we use for our daily work ...
More information about the Gnupg-users