gpg auto-locate-key selects expired/revoked key
Jan Eden
tech at eden.one
Sun Jun 19 09:17:10 CEST 2022
On 2022-06-09 12:52, Jan Eden via Gnupg-users wrote:
> On 2022-06-09 10:40, Werner Koch wrote:
> > On Thu, 9 Jun 2022 08:11, Jan Eden said:
> >
> > > Now I corrected the mistake, and all is well.
> >
> > I don't think this is your mistake. We need to do something about it.
> > Tracked at https://dev.gnupg.org/T6023
> >
> > BTW, to ignore local keys and update from WKD (or whatever has been
> > configured) you can use --locate-external-key which is available since
> > 2.2.17.
>
> Thank you (both for the task and the suggestion)!
Following up on this issue: I now use the command suggested at
https://wiki.gnupg.org/WKDHosting with a filter for the revoked key's
fingerprint:
gpg --list-options show-only-fpr-mbox -k '@eden.one' | grep -v zzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzz | gpg-wks-client -v --directory /var/www/html/site/.well-known/openpgpkey --install-key
As I have only a single key to exclude, this is a viable solution for
me.
- Jan
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 228 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20220619/8293bb0b/attachment.sig>
More information about the Gnupg-users
mailing list