Hi, Am Mittwoch 03 Dezember 2025 18:22:36 schrieb Bruce Walzer via Gnupg-devel: > > The scenario is running "gpg --locate-keys [email protected]" with the > > configured keyservers returning different keys for that email address. > > So the problem seems intrinsic to me. The user will > eventually be expected to determine which key fingerprint/ID is > correct.
note that if you restrict your request to WKD (web key directory) you can use all pubkeys you will get. Which will be one. So there is no interaction necessary in the common case, you can just encrypt to the pubkey you get from WKD for an email address. gpg --locate-keys --auto-key-locate clear,nodefault,wkd [email protected] or gpg --locate-external-keys --auto-key-locate clear,nodefault,wkd [email protected] should help you test this. (Should be possible via GPGME as well.) WKD should be enabled and used by default and Claws can do some more steps to do that right from the start. See: https://wiki.gnupg.org/EMailClients/ClawsMail https://wiki.gnupg.org/WKD/BachelorThesisIncreaseWKDUsage2021 https://wiki.gnupg.org/WKD/DistributionOfWKD https://wiki.gnupg.org/WKD/UsabilityOfWKD <- mentions Claws test Best, Bernhard -- https://intevation.de/~bernhard +49 541 33 508 3-3 Intevation GmbH, Osnabrück, DE; Amtsgericht Osnabrück, HRB 18998 Geschäftsführer: Frank Koormann, Bernhard Reiter
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ Gnupg-devel mailing list [email protected] https://lists.gnupg.org/mailman/listinfo/gnupg-devel
