From 87de9e19edf0311ca0342e15ef44ebe40e32861e Mon Sep 17 00:00:00 2001 From: Werner Koch Date: Wed, 27 Apr 2016 08:34:29 +0200 Subject: gpg: Add experimental AKL method "wkd" and option --with-wkd-hash. * g10/getkey.c (parse_auto_key_locate): Add method "wkd". (get_pubkey_byname): Implement that method. Also rename a variable. * g10/call-dirmngr.c (gpg_dirmngr_wkd_get): New. * g10/keyserver.c (keyserver_import_wkd): New. * g10/test-stubs.c (keyserver_import_wkd): Add stub. * g10/gpgv.c (keyserver_import_wkd): Ditto. * g10/options.h (opt): Add field 'with_wkd_hash'. (AKL_WKD): New. * g10/gpg.c (oWithWKDHash): New. (opts): Add option --with-wkd-hash. (main): Set that option. * g10/keylist.c (list_keyblock_print): Implement that option. -- The Web Key Directory is an experimental feature to retrieve a key via https. It is similar to OpenPGP DANE but also uses an encryption to reveal less information about a key lookup. For example the URI to lookup the key for Joe.Doe@Example.ORG is: https://example.org/.well-known/openpgpkey/ hu/example.org/iy9q119eutrkn8s1mk4r39qejnbu3n5q (line has been wrapped for rendering purposes). The hash is a z-Base-32 encoded SHA-1 hash of the mail address' local-part. The address wk@gnupg.org can be used for testing. Signed-off-by: Werner Koch --- doc/gpg.texi | 9 +++++++++ 1 file changed, 9 insertions(+) (limited to 'doc') diff --git a/doc/gpg.texi b/doc/gpg.texi index 0c43c55bd..c10678bbd 100644 --- a/doc/gpg.texi +++ b/doc/gpg.texi @@ -1600,6 +1600,10 @@ mechanisms, in the order they are to be tried: Locate a key using DANE, as specified in draft-ietf-dane-openpgpkey-05.txt. + @item wkd + Locate a key using the Web Key Directory protocol. + This is an experimental method and semantics may change. + @item ldap Using DNS Service Discovery, check the domain in question for any LDAP keyservers to use. If this fails, attempt to locate the key using the 
@@ -2235,6 +2239,11 @@ Print the ICAO spelling of the fingerprint in addition to the hex digits. @opindex with-keygrip Include the keygrip in the key listings. +@item --with-wkd-hash +@opindex with-wkd-hash +Print a Web Key Directory indentifier along with each user ID in key +listings. This is an experimental feature and semantics may change. + @item --with-secret @opindex with-secret Include info about the presence of a secret key in public key listings -- cgit v1.2.3
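Review bot: The new `@item wkd` entry in the first doc/gpg.texi hunk names the Web Key Directory protocol but gives neither a reference nor a description, whereas the DANE entry directly above it cites draft-ietf-dane-openpgpkey-05.txt. Suggest adding a sentence saying that the key is retrieved via https from the domain of the mail address, as the commit message explains, so that a user enabling this method knows it contacts that domain's web server.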
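Review bot: Typo in the `@item --with-wkd-hash` text of the second hunk: "indentifier" should be "identifier". The entry also does not say what the identifier is; per the commit message it is the z-Base-32 encoded SHA-1 hash of the mail address' local-part, and stating that here would let readers match the listing output against a lookup URI.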
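The lookup URI described in the commit message can be reproduced as follows. This is an added example, not code from the patch or from GnuPG; the function names are hypothetical, and lower-casing the ASCII letters of the local-part before hashing is an assumption taken from the published Web Key Directory draft, not from this page.

```python
import hashlib

# z-Base-32 alphabet; each character carries 5 bits.
ZB32_ALPHABET = "ybndrfg8ejkmcpqxot1uwisza345h769"


def zbase32(data: bytes) -> str:
    """Encode bytes as z-Base-32, most significant bits first."""
    nbits = len(data) * 8
    pad = (-nbits) % 5                      # zero bits appended to fill the last group
    value = int.from_bytes(data, "big") << pad
    nchars = (nbits + pad) // 5
    return "".join(
        ZB32_ALPHABET[(value >> (5 * (nchars - 1 - i))) & 0x1F]
        for i in range(nchars)
    )


def wkd_hash(local_part: str) -> str:
    """z-Base-32 encoded SHA-1 of the mail address' local-part."""
    # Assumption (from the WKD draft, not from the commit message):
    # only ASCII letters are lower-cased; bytes.lower() does exactly that.
    normalized = local_part.encode("utf-8").lower()
    return zbase32(hashlib.sha1(normalized).digest())   # 160 bits -> 32 chars


def wkd_uri(address: str) -> str:
    """Build the lookup URI in the layout shown in the commit message."""
    local_part, sep, domain = address.rpartition("@")
    if not sep or not local_part or not domain:
        raise ValueError("not a mail address: %r" % address)
    domain = domain.lower()
    return "https://%s/.well-known/openpgpkey/hu/%s/%s" % (
        domain, domain, wkd_hash(local_part))


if __name__ == "__main__":
    # Address from the commit message.
    print(wkd_uri("Joe.Doe@Example.ORG"))
```

The SHA-1 here is unsalted, so the server operator, or anyone else who sees the request path, can confirm a guessed local-part by hashing it the same way.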