| author | Werner Koch <[email protected]> | 2021-02-02 18:53:21 +0000 |
|---|---|---|
| committer | Werner Koch <[email protected]> | 2021-02-02 18:53:21 +0000 |
| commit | 7f3ce66ec56a5aea6170b7eb1bda5626eb208c83 (patch) | |
| tree | 3d57f33c5290451c3034fa88eabed0ca2ca78678 /g10/call-dirmngr.c | |
| parent | gpg: Remove more or less useless tool gpgcompose. (diff) | |
gpg: Remove support for PKA.
* g10/gpg.c (oPrintPKARecords): Remove.
(opts): Remove --print-pka-records.
(main): Remove "pka-lookups","pka-trust-increase" and other PKA stuff.
* g10/options.h (EXPORT_DANE_FORMAT): Remove.
(VERIFY_PKA_LOOKUPS, VERIFY_PKA_TRUST_INCREASE): Remove.
(KEYSERVER_HONOR_PKA_RECORD): Remove.
* g10/packet.h (pka_info_t): Remove.
(PKT_signature): Remove flags.pka_tried and pka_info.
* g10/parse-packet.c (register_known_notation): Remove
"[email protected]".
* g10/pkclist.c (check_signatures_trust): Remove PKA stuff.
* g10/call-dirmngr.c (gpg_dirmngr_get_pka): Remove.
* g10/export.c (parse_export_options): Remove "export-pka".
(do_export): Adjust for this.
(write_keyblock_to_output): Ditto.
(do_export_stream): Ditto.
(print_pka_or_dane_records): Rename to ...
(print_dane_records): this and remove two args. Remove PKA printing.
* g10/free-packet.c (free_seckey_enc, cp_pka_info): Adjust for removed
pka_info field.
* g10/getkey.c (get_pubkey_byname): Make AKL_PKA a dummy.
* g10/keyserver.c: Remove "honor-pka-record".
(keyserver_import_pka): Remove.
* g10/mainproc.c (get_pka_address): Remove.
(pka_uri_from_sig): Remove.
(check_sig_and_print): Remove code for PKA.
--
PKA (Public Key Association) was a DNS based key discovery method
which looked up fingerprints by mail address in the DNS. This goes
back to the conference where DKIM was suggested to show that we
already had a better method for this available with PGP/MIME. PKA was
later superseded by an experimental DANE method and is no longer
relevant today. It is anyway doubtful whether PKA was ever widely
used.
Signed-off-by: Werner Koch <[email protected]>
Diffstat (limited to 'g10/call-dirmngr.c')
| -rw-r--r-- | g10/call-dirmngr.c | 66 |
1 files changed, 0 insertions, 66 deletions
diff --git a/g10/call-dirmngr.c b/g10/call-dirmngr.c
index 17f5fdcf3..21edab639 100644
--- a/g10/call-dirmngr.c
+++ b/g10/call-dirmngr.c
@@ -1249,72 +1249,6 @@ gpg_dirmngr_dns_cert (ctrl_t ctrl, const char *name, const char *certtype,
 }
-/* Ask the dirmngr for PKA info. On success the retrieved fingerprint
- is returned in a malloced buffer at R_FPR and its length is stored
- at R_FPRLEN. If an URL is available it is stored as a malloced
- string at R_URL. On error all return values are set to NULL/0. */
-gpg_error_t
-gpg_dirmngr_get_pka (ctrl_t ctrl, const char *userid,
- unsigned char **r_fpr, size_t *r_fprlen,
- char **r_url)
-{
- gpg_error_t err;
- assuan_context_t ctx;
- struct dns_cert_parm_s parm;
- char *line = NULL;
-
- memset (&parm, 0, sizeof parm);
- if (r_fpr)
- *r_fpr = NULL;
- if (r_fprlen)
- *r_fprlen = 0;
- if (r_url)
- *r_url = NULL;
-
- err = open_context (ctrl, &ctx);
- if (err)
- return err;
-
- line = es_bsprintf ("DNS_CERT --pka -- %s", userid);
- if (!line)
- {
- err = gpg_error_from_syserror ();
- goto leave;
- }
- if (strlen (line) + 2 >= ASSUAN_LINELENGTH)
- {
- err = gpg_error (GPG_ERR_TOO_LARGE);
- goto leave;
- }
-
- err = assuan_transact (ctx, line, dns_cert_data_cb, &parm,
- NULL, NULL, dns_cert_status_cb, &parm);
- if (err)
- goto leave;
-
- if (r_fpr && parm.fpr)
- {
- *r_fpr = parm.fpr;
- parm.fpr = NULL;
- }
- if (r_fprlen)
- *r_fprlen = parm.fprlen;
-
- if (r_url && parm.url)
- {
- *r_url = parm.url;
- parm.url = NULL;
- }
-
- leave:
- xfree (parm.fpr);
- xfree (parm.url);
- xfree (line);
- close_context (ctrl, ctx);
- return err;
-}
-
-
 /* Ask the dirmngr to retrieve a key via the Web Key Directory
 * protocol. If QUICK is set the dirmngr is advised to use a shorter |
