diff options
| author | Werner Koch <[email protected]> | 2021-02-02 18:53:21 +0000 |
|---|---|---|
| committer | Werner Koch <[email protected]> | 2021-02-02 18:53:21 +0000 |
| commit | 7f3ce66ec56a5aea6170b7eb1bda5626eb208c83 (patch) | |
| tree | 3d57f33c5290451c3034fa88eabed0ca2ca78678 /g10/packet.h | |
| parent | gpg: Remove more or less useless tool gpgcompose. (diff) | |
| download | gnupg-7f3ce66ec56a5aea6170b7eb1bda5626eb208c83.tar.gz gnupg-7f3ce66ec56a5aea6170b7eb1bda5626eb208c83.zip | |
gpg: Remove support for PKA.
* g10/gpg.c (oPrintPKARecords): Remove.
(opts): Remove --print-pka-records.
(main): Remove "pka-lookups","pka-trust-increase" and other PKA stuff.
* g10/options.h (EXPORT_DANE_FORMAT): Remove.
(VERIFY_PKA_LOOKUPS, VERIFY_PKA_TRUST_INCREASE): Remove.
(KEYSERVER_HONOR_PKA_RECORD): Remove.
* g10/packet.h (pka_info_t): Remove.
(PKT_signature): Remove flags.pka_tried and pka_info.
* g10/parse-packet.c (register_known_notation): Remove
"[email protected]".
* g10/pkclist.c (check_signatures_trust): Remove PKA stuff.
* g10/call-dirmngr.c (gpg_dirmngr_get_pka): Remove.
* g10/export.c (parse_export_options): Remove "export-pka".
(do_export): Adjust for this.
(write_keyblock_to_output): Ditto.
(do_export_stream): Ditto.
(print_pka_or_dane_records): Rename to ...
(print_dane_records): this and remove two args. Remove PKA printing.
* g10/free-packet.c (free_seckey_enc, cp_pka_info): Adjust for removed
pka_info field.
* g10/getkey.c (get_pubkey_byname): Make AKL_PKA a dummy.
* g10/keyserver.c: Remove "honor-pka-record".
(keyserver_import_pka): Remove.
* g10/mainproc.c (get_pka_address): Remove.
(pka_uri_from_sig): Remove.
(check_sig_and_print): Remove code for PKA.
--
PKA (Public Key Association) was a DNS based key discovery method
which looked up fingerprint by mail addresses in the DNS. This goes
back to the conference where DKIM was suggested to show that we
already had a better method for this available with PGP/MIME. PKA was
was later superseded by an experimental DANE method and is today not
anymore relevant. It is anyway doubtful whether PKA was ever widely
used.
Signed-off-by: Werner Koch <[email protected]>
Diffstat (limited to 'g10/packet.h')
| -rw-r--r-- | g10/packet.h | 16 |
1 files changed, 0 insertions, 16 deletions
diff --git a/g10/packet.h b/g10/packet.h index eec3050e9..b27beccdd 100644 --- a/g10/packet.h +++ b/g10/packet.h @@ -193,19 +193,6 @@ struct revocation_key { }; -/* Object to keep information about a PKA DNS record. */ -typedef struct -{ - int valid; /* An actual PKA record exists for EMAIL. */ - int checked; /* Set to true if the FPR has been checked against the - actual key. */ - char *uri; /* Malloced string with the URI. NULL if the URI is - not available.*/ - unsigned char fpr[20]; /* The fingerprint as stored in the PKA RR. */ - char email[1];/* The email address from the notation data. */ -} pka_info_t; - - /* A signature packet (RFC 4880, Section 5.2). Only a subset of these fields are directly serialized (these are marked as such); the rest are read from the subpackets, which are not synthesized when @@ -226,7 +213,6 @@ typedef struct unsigned pref_ks:1; /* At least one preferred keyserver is present */ unsigned key_block:1; /* A key block subpacket is present. */ unsigned expired:1; - unsigned pka_tried:1; /* Set if we tried to retrieve the PKA record. */ } flags; /* The key that allegedly generated this signature. (Directly serialized in v3 sigs; for v4 sigs, this must be explicitly added @@ -254,8 +240,6 @@ typedef struct struct revocation_key *revkey; int numrevkeys; int help_counter; /* Used internally bu some functions. */ - pka_info_t *pka_info; /* Malloced PKA data or NULL if not - available. See also flags.pka_tried. */ char *signers_uid; /* Malloced value of the SIGNERS_UID * subpacket or NULL. This string has * already been sanitized. */ |