gpg auto-locate-key selects expired/revoked key

Andrew Gallagher andrewg at andrewg.com
Wed Jun 8 23:51:51 CEST 2022


On 8 Jun 2022, at 07:46, Jan Eden via Gnupg-users <gnupg-users at gnupg.org> wrote:
> 
> - Which WKD server hosts my expired/revoked key such that it takes precedence
>  over my own WKD server at domain.com <http://domain.com/>?
> - Why does gpg select an expired/revoked key over a valid key?

I suspect the issue is that your WKD is serving both keys (as you can see from the output of the metacode checker) but GnuPG expects just one key to be served, and so is consuming the first (which is the expired one) and ignoring the second. Try replacing the file on the WKD server with one that contains just the current key?

A

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20220608/7ee7c96b/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: Message signed with OpenPGP
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20220608/7ee7c96b/attachment.sig>


More information about the Gnupg-users mailing list