[prev in list] [next in list] [prev in thread] [next in thread]
List: gnupg-devel
Subject: Re: Questions on gpg-wks-server
From: Werner Koch via Gnupg-devel <gnupg-devel () gnupg ! org>
Date: 2023-04-30 11:39:26
Message-ID: 87354h1tw1.fsf () wheatstone ! g10code ! de
[Download RAW message or body]
[Attachment #2 (multipart/signed)]
Hi!
On Tue, 25 Apr 2023 08:48, Gregor Düster said:
> How does gpg-wks-server determines which domains should be processed?
> My best guess would be it uses the top level directories for domains
> (e.g. at the default /var/lib/gnupg/wks or at the path specified with
> -C).
That is correct. Requests with no domain configured below that
directory are ignored. For example for gnupg.org we have
$ ls -l /var/lib/gnupg/wks/gnupg.org/
drwxr-sr-x 3 webkey webkey 4096 Mar 11 2019 hu
drwx--S--- 2 webkey webkey 4096 Jul 5 2021 pending
-rw-r--r-- 1 webkey webkey 0 Nov 14 2017 policy
-rw-r--r-- 1 webkey webkey 21 Aug 31 2016 submission-address
and we have a daily cronjob running "gpg-wks-server -v --cron" to clean
up pending requests after 3 days.
> Does gpg-wks-server strip UIDs from the submitted keys from domains
> that are not configured?
Confirmation requests are sent for all addresses found in the submitted
key as long as the domain is configured. However, gpg-wks-client sends
the keys only with one user id.
> How does gpg-wks-server deal with multiple user IDs in general? Will
> it send out multiple confirmation requests provided the domains are
> configured?
Exactly.
> Does gpg-wks-server drop a publication request if a key has no UIDs
> with any of the configured domains?
Yes.
Salam-Shalom,
Werner
--
The pioneers of a warless world are the youth that
refuse military service. - A. Einstein
["openpgp-digital-signature.asc" (application/pgp-signature)]
_______________________________________________
Gnupg-devel mailing list
Gnupg-devel@gnupg.org
https://lists.gnupg.org/mailman/listinfo/gnupg-devel
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic