keys.openpgp.org not sending confirmation email

Werner Koch wk at gnupg.org
Tue Sep 17 16:25:08 CEST 2019


On Tue, 17 Sep 2019 14:57, lists at binarus.de said:

> to use only key IDs consisting solely of the actual mail address
> hereafter (with or without the angle brackets - I can live with both

That is actually what I have suggested for quite some time.  The extra stuff is
not required and may only lead to confusion if the user id does not
match the mail address as taken from an addressbook or a received mail.

Further, there are mail providers who only allow keys which have only the
mail address.  The Web Key Directory takes this into account and gnupg
will create a new user id for such providers in the publishing process.
 
> I see. Then the problem might be due to standards which are "only"
> de-facto, leading to parsers (on the key servers) which interpret those
> IDs subtly differently from what GnuPG / Enigmail and friends expect.

BTW, for a long time PGP 5 and later had no idea about the charset of
user-ids and happily copied verbatim whatever the OS supplied as a
string.  The result is that all MUAs and gpg's command line implement a
heuristic to detect and convert on display the Latin-1 encoding of
German Umlauts.

> By the way, I did not test yet how keys.openpgp.org would behave when
> given a key ID with a comma in the name, but with the name quoted.

FWIW, there are obvious cases which gpg does not catch either.  I added
two test cases to show this:

+++ b/common/t-mbox-util.c
@@ -77,6 +77,12 @@ run_mbox_test (void)
       { "<fo()o at example.org> ()", "fo()o at example.org" },
       { "fo()o at example.org", NULL},
       { "Mr. Foo <foo at example.org><bar at example.net>", "foo at example.org"},
+      { "Surname, Forename | company <foo at example.org>", "foo at example.org"},
+      /* The next one is for sure not RFC-822 correct but nevertheless
+       * the way gpg does it.  We won't change it because the user-id
+       * is only rfc-822 alike and not compliant (think only of our
+       * utf-8 requirement).  */
+      { "\"<foo at example.org>\" <foo at example.net>", "foo at example.org"},
       { NULL, NULL }
     };
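
Review bot: The comment above the last added case says the expected result is not RFC-822 correct, but it does not say what the correct result would be. An RFC-822 parser would treat the quoted string as the display name and return foo at example.net, so naming that address in the comment would make it obvious that "foo at example.org" is the deliberate expectation and not a typo. The thread also asks about a name that contains a comma and is quoted; the first added case only covers the unquoted comma, so a companion case with the name in double quotes would document that behaviour as well.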

> to have my name or other fancy text in my keys' IDs. I suppose that
> somebody who wants to write me an encrypted message will search for my
> public key at first by email address (and not by other criteria). At

Actually we parse the address out of the user-id and put it into the
Signer's User ID subpacket of a signature if possible.  Mail addresses
have the advantage that they map to a global directory of identities
which full user-ids won't.


Salam-Shalom,

   Werner


-- 
Thoughts are free.  Exceptions are regulated by a federal law.
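
The parser disagreement discussed in this thread, as an added example that is not part of the original message and is not GnuPG's code: it compares a simplified "first angle bracket wins" extractor, which reproduces the expected values of the test strings above, with a quote-aware "last angle-addr" extractor, and flags user IDs on which the two differ. The function names and validity rules are assumptions, and the sample strings are constructed from the test cases with "@" written out.

```python
import re

# Constructed samples modelled on the test strings in the message above;
# the second element is the expected value listed there.
SAMPLES = [
    ("Mr. Foo <foo@example.org><bar@example.net>", "foo@example.org"),
    ("Surname, Forename | company <foo@example.org>", "foo@example.org"),
    ('"<foo@example.org>" <foo@example.net>', "foo@example.org"),
    ("<fo()o@example.org> ()", "fo()o@example.org"),
    ("fo()o@example.org", None),
]

def _plausible(addr, strict):
    """Assumed rule: exactly one '@', no whitespace, non-empty parts.
    A bare string (strict) must also avoid RFC-822 special characters."""
    if addr.count("@") != 1 or re.search(r"\s", addr):
        return False
    local, domain = addr.split("@")
    if not local or not domain:
        return False
    return not strict or not set(local) & set('()<>[]:;,\\"')

def first_bracket_addr(uid):
    """Simplified heuristic: take whatever sits in the first <...> pair."""
    start = uid.find("<")
    if start == -1:
        return uid if _plausible(uid, strict=True) else None
    end = uid.find(">", start)
    if end == -1:
        return None
    addr = uid[start + 1:end]
    return addr if _plausible(addr, strict=False) else None

def quote_aware_addr(uid):
    """RFC-style view: ignore quoted display-name text, use the last <...>."""
    unquoted = re.sub(r'"(?:\\.|[^"\\])*"', "", uid)
    found = re.findall(r"<([^<>]*)>", unquoted)
    return found[-1] if found and _plausible(found[-1], strict=False) else None

def is_ambiguous(uid):
    """True when the two extractors would bind the key to different addresses."""
    return first_bracket_addr(uid) != quote_aware_addr(uid)

if __name__ == "__main__":
    for uid, _ in SAMPLES:
        print(f"{uid!r}: first={first_bracket_addr(uid)} "
              f"quote-aware={quote_aware_addr(uid)} ambiguous={is_ambiguous(uid)}")
```

A key server or mail client could run such a check on import and refuse to index a user ID by address when the extractors disagree.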