Werner Koch <[EMAIL PROTECTED]> writes:
> * New auto-key-locate option that takes an ordered list of methods
> to locate a key if it is not available at encryption time (-r or
> --recipient). Possible methods include "cert" (use DNS CERT as
> per RFC2538bis, "pka" (use DNS PKA), "ldap" (consult the LDAP
> server for the domain in question), "keyserver" (use the
> currently defined keyserver), as well as arbitrary keyserver
> URIs that will be contacted for the key.
I'm having trouble getting hkp keyservers to work with
auto-key-locate. gpg do appear to retrieve the key successfully, but
then it complains that it can't use it. Ideas?
~/.gnupg/gpg.conf contains:
auto-key-locate x-hkp://subkeys.pgp.net
[EMAIL PROTECTED]:~/src/gnupg$ gpg -a -e -r [EMAIL PROTECTED]
gpg: searching for names from hkp server subkeys.pgp.net
gpg: key 99242560: public key "David M. Shaw <[EMAIL PROTECTED]>" imported
gpg: key 3CB3B415: public key "David M. Shaw <[EMAIL PROTECTED]>" imported
gpg: key D46DCCC5: "David M. Shaw (High Security) <[EMAIL PROTECTED]>" not
changed
gpg: key DFF20E79: public key "David M. Shaw <[EMAIL PROTECTED]>" imported
gpg: 3 marginal(s) needed, 1 complete(s) needed, classic trust model
gpg: depth: 0 valid: 4 signed: 21 trust: 0-, 0q, 0n, 0m, 0f, 4u
gpg: depth: 1 valid: 21 signed: 43 trust: 1-, 0q, 0n, 1m, 19f, 0u
gpg: depth: 2 valid: 29 signed: 223 trust: 24-, 0q, 0n, 0m, 5f, 0u
gpg: depth: 3 valid: 24 signed: 158 trust: 24-, 0q, 0n, 0m, 0f, 0u
gpg: next trustdb check due at 2006-07-10
gpg: Total number processed: 4
gpg: imported: 3 (RSA: 3)
gpg: unchanged: 1
gpg: automatically retrieved [EMAIL PROTECTED]' via x-hkp://subkeys.pgp.net
gpg: [EMAIL PROTECTED]: skipped: unusable public key
gpg: [stdin]: encryption failed: unusable public key
[EMAIL PROTECTED]:~/src/gnupg$ gpg -a -e -r [EMAIL PROTECTED]
gpg: 1643B926: There is no assurance this key belongs to the named user
pub 2048g/1643B926 2002-01-28 David M. Shaw <[EMAIL PROTECTED]>
Primary key fingerprint: 7D92 FD31 3AB6 F373 4CC5 9CA1 DB69 8D71 9924 2560
Subkey fingerprint: F0EC 51D9 2ED0 C183 8977 DDD0 AE28 27D1 1643 B926
It is NOT certain that the key belongs to the person named
in the user ID. If you *really* know what you are doing,
you may answer the next question with yes.
Use this key anyway? (y/N)
Btw, DNS CERT retrieval work fine, see:
[EMAIL PROTECTED]:~$ gpg -a -e -r [EMAIL PROTECTED]
gpg: key B565716F: public key "Simon Josefsson <[EMAIL PROTECTED]>" imported
gpg: Total number processed: 1
gpg: imported: 1 (RSA: 1)
gpg: no ultimately trusted keys found
gpg: automatically retrieved [EMAIL PROTECTED]' via DNS CERT
gpg: A14C401A: There is no assurance this key belongs to the named user
pub 1024R/A14C401A 2006-03-18 Simon Josefsson <[EMAIL PROTECTED]>
Primary key fingerprint: 0424 D4EE 81A0 E3D1 19C6 F835 EDA2 1E94 B565 716F
Subkey fingerprint: 9FB3 8B75 7032 6114 34B5 649E C0C3 8BF5 A14C 401A
It is NOT certain that the key belongs to the person named
in the user ID. If you *really* know what you are doing,
you may answer the next question with yes.
Use this key anyway? (y/N)
Thanks,
Simon
_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
