On Tuesday, 15 February 2022 20:32:50 GMT Dan Mahoney (Gushi) via Gnupg-users wrote: > Worse still, if you know a key exists via something like DANE (dayjob > makes DNS software, we like the idea of it being available via DANE), > there's no way to do gpg --search via DANE, only via a keyserver. > > Thus, using that as a prefetch method to grab the current version of our > codesign@ key into our keyring is not helpful either, unless we "faked it" > by attempting to encrypt a message to that address, then discarded it. > > Is there another way forward? The normal things for auto-key-locate don't > seem to help here. I'm open to ideas.
Unless I misunderstood what you’re trying to achieve, I think the `--locate- external-keys` command should be what you’re looking for? This is basically the equivalent of `--search-keys`, except that the search is not limited to keyservers but instead use the mechanisms configured via the `--auto-key-locate` option (which can include DNS lookups, either using the “historical“ method of RFC-4398, or the modern method of RFC-7929). - Damien
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org https://lists.gnupg.org/mailman/listinfo/gnupg-users
