I hope this isn't a duplicate question. I can't believe it hasn't come up before, but I searched the 70MB archive file and found nothing.
I tweaked (contorted?) our LDAP server to respond to PGP/GPG key retrieval requests. However, it appears that GPG can only access the key server for the purposes of importing a key into (or exporting from) a key ring. I can find no way to get GPG to encrypt or decrypt using direct queries to the directory instead of using a disk file key chain.
We have a requirement to implement a distributed server application where the keys (probably both public and private) are in an LDAP directory. Transferring keychain files around is not an option, both from a firewall perspective and because at any given time each system could have a different keychain. Only the application will have access to the entries in LDAP - users will not have access. Performance will not be a problem.
We need to be able to do encryption and decryption with GPG directly accessing LDAP to get the keys. Additionally, since the directory is hierarchical and a given key could occur in multiple subtrees, we need to be able to specify the searchbase instead of relying on the cn=PGPServerInfo entry.
Am I overlooking something? Is this possible today? If not, and we developed the code, would it be something that could be integrated into GPG for others to use?
Wes