On 2000-01-27 21:09:39 +0000, Edmund GRIMLEY EVANS wrote:
> (I think you mean :pserver:[EMAIL PROTECTED]:/home/roessler/cvs )
Errm, yes. I don't type the CVS root explicitly too often.
> Does pkspxycrwap import keys into your keyring, or does it just
> keep them in its own cache on disc? Does it always return
> immediately, even when the key is not in the cache?
The whole thing has been designed for working offline: There is a
daemon which keeps a cache. pkspxycwrap asks this daemon for key
information, and then adds this key information to the local key
ring.
Additionally, it keeps a table of (string) key IDs and time stamps,
and passes these time stamps to the daemon when asking for a key.
When the key wasn't updated in the cache since it was last fetched,
the daemon gives a 204 HTTP response, and the client doesn't add any
new data to the public key ring.
When the key isn't present, or wasn't updated for a configurable
interval of time when requested, the daemon will re-fetch it from
the key server at the next opportunity. In particular, when you're
online, the system will try to update the key synchronuously, i.e.,
you'll have to wait a moment while the key server is contacted.
Finally, pkspxy has two modes of operation: When pkspxy receives a
SIGUSR1 signal, it will switch to online mode and immediately
process the postponed queue. When it receives SIGUSR2, the server
switches to offline mode, working off the cache, and recording any
queries it couldn't give a sufficient answer for to the postponed
queue.
> I'm trying to understand what the advantages of pkspxycwrap are
> over just putting "keyserver wwwkeys.pgp.net" in .gnupg/options.
There may be none - I wrote pkspxy with pgp versions in mind which
don't have any direct key server support, and to fit my own and a
friend's needs.
> It looks as though the argument %r given to pkspxycwrap is an
> e-mail address.
Indeed; I have to admit that the muttrc (5) manual page isn't
completely accurate on this.
> This doesn't agree with someone's suggestion to set
> pgp_getkeys_command="gpg --recv %r"
> because the argument to gpg --recv is a key ID ... so I'm
> confused.
Is it a numerical key ID, or a string key ID? Should it be the
latter, this may just be fine, since e-mail addresses should usually
help to find the right key on a message. (Not always, but in most
cases, this works nicely.)
--
http://www.guug.de/~roessler/
