one key is being handled in a batch, and one fails while the other
succeeds. Note that a search that comes up with no results is not a
failure - that is a valid response of "no answer".
Allow GnuPG to send us full v4 fingerprints, long key ids, or short key
ids while fetching. Since the LDAP server doesn't actually handle
fingerprints, chop them down to long key ids for actual use.
When searching for a keyid, search for subkeys as well as primary keys.
This is mostly significant when automatically fetching the key based on
the id in a header (i.e. "signature made by...."). "no-include-subkeys"
disables.
