security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-07-03 22:56:33 +02:00
Code Activity

gpg: Add new --auto-key-locate mechanism "dane".

Browse source 
* g10/call-dirmngr.c (gpg_dirmngr_dns_cert): Allow fetching via DANE.
* g10/keyserver.c (keyserver_import_cert): Add arg "dane_mode".
* g10/options.h (AKL_DANE): New.
* g10/getkey.c (get_pubkey_byname): Implement AKL_DANE.
(parse_auto_key_locate): Ditto.
--

To test this use

  gpg --auto-key-locate clear,dane,local --locate-key -v wk@gnupg.org

Signed-off-by: Werner Koch <wk@gnupg.org>
This commit is contained in:
Werner Koch 2015-10-06 20:31:43 +02:00
parent 264a81d827
commit 9ac31f91b1
No known key found for this signature in database
GPG key ID: E3FDFF218E45B72B
6 changed files with 36 additions and 15 deletions
Download patch file Download diff file Expand all files Collapse all files

4
doc/gpg.texi
View file

@ -1463,6 +1463,10 @@ mechanisms, in the order they are to be tried:
@item pka
Locate a key using DNS PKA.
@item dane
Locate a key using DANE, as specified
in draft-ietf-dane-openpgpkey-05.txt.
@item ldap
Using DNS Service Discovery, check the domain in question for any LDAP
keyservers to use. If this fails, attempt to locate the key using the