On Sun, Sep 16, 2001 at 04:51:00PM +0100, Chris Ball wrote:
> If this is the case, it would probably be a good idea for me to knock up
> a module that takes an e-mail address and returns a keyid on an exact
> match. A script using the module could /also/ uses GPG::Interface, and
> have the returned keyid downloaded and imported into the user's keyring.
Firstly, this is OpenPGP related, not GnuPG related, the two are subtly
different, as GnuPG is an implementation of the OpenPGP spec. There are a
couple of problems with this, what keyid do you return when two are found?
(Keys get revoked, remember, and the revocation certificates stay on
keyservers, so you can download them as updates to the key). What happens
if they are two valid keys? But it *should* go in the PGP hierarchy, rather
than the GPG one.
Also, I assume you know that if you're writing new software with GPG, you
should really be trying to get the 64bit IDs rather than the 32bit ones.
What about where people have multiple email addresses ? eg, there is no
key for [EMAIL PROTECTED], but there is for [EMAIL PROTECTED]
MBM
--
Matthew Byng-Maddick <[EMAIL PROTECTED]> http://colondot.net/
