Hello all, I have a public key with a photo-ID uploaded to WKD at my domain and when I download it manually and import to gpg, everything works as expected:
> ubuntu@sandbox-jammy:~$ mkdir curl
> ubuntu@sandbox-jammy:~$ chmod 0700 curl
> ubuntu@sandbox-jammy:~$ gpg --homedir curl --list-keys
> gpg: keybox '/home/ubuntu/curl/pubring.kbx' created
> gpg: /home/ubuntu/curl/trustdb.gpg: trustdb created
> ubuntu@sandbox-jammy:~$ curl https://morgwai.pl/.well-known/openpgpkey/hu/iffe93qcsgp4c8ncbb378rxjo6cn9q6u?l=test |gpg --homedir curl --import
>   % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
>                                  Dload  Upload   Total   Spent    Left  Speed
> 100  6131  100  6131    0     0   7041      0 --:--:-- --:--:-- --:--:--  7039
> gpg: key 5EE910C88398CC40: public key "Test Email <t...@morgwai.pl>" imported
> gpg: Total number processed: 1
> gpg:               imported: 1
> ubuntu@sandbox-jammy:~$ gpg --homedir curl --list-keys
> /home/ubuntu/curl/pubring.kbx
> -----------------------------
> pub   rsa3072 2022-01-31 [SC] [expires: 2024-01-31]
>       23F3101D5D4428E12E6659095EE910C88398CC40
> uid           [ unknown] Test Email <t...@morgwai.pl>
> uid           [ unknown] [jpeg image of size 3890]
> sub   rsa3072 2022-01-31 [E] [expires: 2024-01-31]

However if I try to locate the same key automatically using WKD mechanism, then the attached photo-ID is not imported into my keyring:

> ubuntu@sandbox-jammy:~$ gpg --homedir wkd --list-keys
> gpg: keybox '/home/ubuntu/wkd/pubring.kbx' created
> gpg: /home/ubuntu/wkd/trustdb.gpg: trustdb created
> ubuntu@sandbox-jammy:~$ gpg -vv --homedir wkd --locate-keys t...@morgwai.pl
> gpg: using pgp trust model
> gpg: error retrieving 't...@morgwai.pl' via Local: No public key
> # off=0 ctb=99 tag=6 hlen=3 plen=397
> :public key packet:
>     version 4, algo 1, created 1643637767, expires 0
>     pkey[0]: [3072 bits]
>     pkey[1]: [17 bits]
>     keyid: 5EE910C88398CC40
> # off=400 ctb=b4 tag=13 hlen=2 plen=28
> :user ID packet: "Test Email <t...@morgwai.pl>"
> # off=430 ctb=89 tag=2 hlen=3 plen=468
> :signature packet: algo 1, keyid 5EE910C88398CC40
>     version 4, created 1643637767, md5len 0, sigclass 0x13
>     digest algo 10, begin of digest d0 92
>     hashed subpkt 33 len 21 (issuer fpr v4 23F3101D5D4428E12E6659095EE910C88398CC40)
>     hashed subpkt 2 len 4 (sig created 2022-01-31)
>     hashed subpkt 27 len 1 (key flags: 03)
>     hashed subpkt 9 len 4 (key expires after 2y0d0h0m)
>     hashed subpkt 11 len 4 (pref-sym-algos: 9 8 7 2)
>     hashed subpkt 21 len 5 (pref-hash-algos: 10 9 8 11 2)
>     hashed subpkt 22 len 3 (pref-zip-algos: 2 3 1)
>     hashed subpkt 30 len 1 (features: 01)
>     hashed subpkt 23 len 1 (keyserver preferences: 80)
>     subpkt 16 len 8 (issuer key ID 5EE910C88398CC40)
>     data: [3072 bits]
> # off=901 ctb=d1 tag=17 hlen=3 plen=3909 new-ctb
> :attribute packet: [jpeg image of size 3890]
> # off=4813 ctb=89 tag=2 hlen=3 plen=468
> :signature packet: algo 1, keyid 5EE910C88398CC40
>     version 4, created 1643638375, md5len 0, sigclass 0x13
>     digest algo 10, begin of digest 64 cc
>     hashed subpkt 33 len 21 (issuer fpr v4 23F3101D5D4428E12E6659095EE910C88398CC40)
>     hashed subpkt 2 len 4 (sig created 2022-01-31)
>     hashed subpkt 27 len 1 (key flags: 03)
>     hashed subpkt 9 len 4 (key expires after 2y0d0h0m)
>     hashed subpkt 11 len 4 (pref-sym-algos: 9 8 7 2)
>     hashed subpkt 21 len 5 (pref-hash-algos: 10 9 8 11 2)
>     hashed subpkt 22 len 3 (pref-zip-algos: 2 3 1)
>     hashed subpkt 30 len 1 (features: 01)
>     hashed subpkt 23 len 1 (keyserver preferences: 80)
>     subpkt 16 len 8 (issuer key ID 5EE910C88398CC40)
>     data: [3072 bits]
> # off=5284 ctb=b9 tag=14 hlen=3 plen=397
> :public sub key packet:
>     version 4, algo 1, created 1643637767, expires 0
>     pkey[0]: [3072 bits]
>     pkey[1]: [17 bits]
>     keyid: B66941040BC242DD
> # off=5684 ctb=89 tag=2 hlen=3 plen=444
> :signature packet: algo 1, keyid 5EE910C88398CC40
>     version 4, created 1643637767, md5len 0, sigclass 0x18
>     digest algo 10, begin of digest 65 bc
>     hashed subpkt 33 len 21 (issuer fpr v4 23F3101D5D4428E12E6659095EE910C88398CC40)
>     hashed subpkt 2 len 4 (sig created 2022-01-31)
>     hashed subpkt 27 len 1 (key flags: 0C)
>     hashed subpkt 9 len 4 (key expires after 2y0d0h0m)
>     subpkt 16 len 8 (issuer key ID 5EE910C88398CC40)
>     data: [3069 bits]
> gpg: pub rsa3072/5EE910C88398CC40 2022-01-31 Test Email <t...@morgwai.pl>
> gpg: writing to '/home/ubuntu/wkd/pubring.kbx'
> gpg: key 5EE910C88398CC40: public key "Test Email <t...@morgwai.pl>" imported
> gpg: no running gpg-agent - starting '/usr/bin/gpg-agent'
> gpg: waiting for the agent to come up ... (5s)
> gpg: connection to agent established
> gpg: Total number processed: 1
> gpg:               imported: 1
> gpg: auto-key-locate found fingerprint 23F3101D5D4428E12E6659095EE910C88398CC40
> gpg: automatically retrieved 't...@morgwai.pl' via WKD
> pub   rsa3072 2022-01-31 [SC] [expires: 2024-01-31]
>       23F3101D5D4428E12E6659095EE910C88398CC40
> uid           [ unknown] Test Email <t...@morgwai.pl>
> sub   rsa3072 2022-01-31 [E] [expires: 2024-01-31]

Is this intended or is it a bug? Is there a way to force gpg to retrieve photo-ID when using WKD? I'm using GnuPG-2.2.27 on ubuntu jammy.

Or maybe there's some problem with my WKD, regardless that it works manually with curl as shown above? It was generated using the python-3 script: `./generate-openpgpkey-hu-3 -k .gnupg/pubring.kbx -m morgwai.pl -o hu`

Thanks!
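
Added example, not part of the original post and not GnuPG code: a way to check whether a binary (non-armored) key file, such as the one fetched with curl above, contains a user attribute (photo ID) packet, by walking the OpenPGP packet framing that `gpg -vv` reports as ctb/tag/hlen/plen. The sample bytes are constructed from the header values in the listing above with zero-filled bodies, and the function names are hypothetical.

```python
# Added example: walk OpenPGP packet framing (RFC 4880, section 4.2).
import struct

def list_packets(data):
    """Return [(offset, tag, header_len, body_len)] for a binary key."""
    out, off = [], 0
    while off < len(data):
        ctb = data[off]
        if not ctb & 0x80:
            raise ValueError(f"not a packet header at offset {off}")
        if ctb & 0x40:                        # new-format header ("new-ctb")
            tag, first = ctb & 0x3F, data[off + 1]
            if first < 192:                   # one-octet length
                hlen, plen = 2, first
            elif first < 224:                 # two-octet length
                hlen = 3
                plen = ((first - 192) << 8) + data[off + 2] + 192
            elif first == 255:                # five-octet length
                hlen = 6
                plen = struct.unpack(">I", data[off + 2:off + 6])[0]
            else:
                raise ValueError("partial body lengths not handled")
        else:                                 # old-format header
            tag, ltype = (ctb >> 2) & 0x0F, ctb & 0x03
            if ltype == 3:
                raise ValueError("indeterminate length not handled")
            hlen = 1 + (1, 2, 4)[ltype]
            plen = int.from_bytes(data[off + 1:off + hlen], "big")
        out.append((off, tag, hlen, plen))
        off += hlen + plen
    return out

def has_user_attribute(data):
    """True if any packet is a user attribute packet (tag 17)."""
    return any(tag == 17 for _, tag, _, _ in list_packets(data))

def constructed_sample():
    # Constructed input: the first four headers from the listing above
    # (ctb 99, b4, 89, d1) with zero-filled bodies of the listed lengths.
    headers = [(b"\x99\x01\x8d", 397), (b"\xb4\x1c", 28),
               (b"\x89\x01\xd4", 468), (b"\xd1\xce\x85", 3909)]
    return b"".join(h + bytes(n) for h, n in headers)

if __name__ == "__main__":
    for off, tag, hlen, plen in list_packets(constructed_sample()):
        print(f"off={off} tag={tag} hlen={hlen} plen={plen}")
```

Running `list_packets` over the bytes served at the WKD URL and over `gpg --export` output from the resulting keyring shows at which stage the tag 17 packet is lost.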