From ab9a918bc27f13b3dae740e911802afefc29ddb6 Mon Sep 17 00:00:00 2001
From: David Shaw <dshaw@jabberwocky.com>
Date: Thu, 23 Jul 2009 18:28:54 +0000
Subject: Try a DNS-SD lookup to find a domain-specific LDAP server before
 resorting to keys.{domain}.

---
 doc/ChangeLog | 5 +++++
 doc/gpg.texi  | 5 +++--
 2 files changed, 8 insertions(+), 2 deletions(-)

(limited to 'doc')

diff --git a/doc/ChangeLog b/doc/ChangeLog
index 5b4c0d0dd..a7f455349 100644
--- a/doc/ChangeLog
+++ b/doc/ChangeLog
@@ -1,3 +1,8 @@
+2009-07-23  David Shaw  <dshaw@jabberwocky.com>
+
+	* gpg.texi (GPG Configuration Options): LDAP uses DNS-SD to locate
+	a server before falling back to keys.{domain}.
+
 2009-07-23  Werner Koch  <wk@g10code.com>
 
 	* help.txt (gpgsm.crl-problem): New.
diff --git a/doc/gpg.texi b/doc/gpg.texi
index 035f948dd..14a8b1d92 100644
--- a/doc/gpg.texi
+++ b/doc/gpg.texi
@@ -1376,8 +1376,9 @@ Locate a key using DNS CERT, as specified in rfc4398.
 Locate a key using DNS PKA.
 
 @item ldap
-Locate a key using the PGP Universal method of checking
-@samp{ldap://keys.(thedomain)}.
+Using DNS Service Discovery, check the domain in question for any LDAP
+keyservers to use.  If this fails, attempt to locate the key using the
+PGP Universal method of checking @samp{ldap://keys.(thedomain)}.
 
 @item keyserver
 Locate a key using whatever keyserver is defined using the
-- 
cgit v1.2.3