Can anyone explain to me the purpose of "--verify-options pka-lookups" ? I have successfully used "--auto-key-locate pka" when encrypting messages, but I can't see how to use "pka-lookups".
I assumed it would automatically lookup/download the key in order to do verification, but if you don't have the key already, it doesn't know the UID associated with the key used to sign and therefore can't do the PKA lookup... Is there some additional command line option that I should be using to specify the email address from the UID when verifying this way? Or have I completely misunderstood something? Also. Would it be useful to add a feature to GnuPG so it displays the fact that a PKA record it retrieved was DNSSEC signed, when true? Just for informational purposes. It strikes me as useful information to have... Here is my DNSSEC signed PKA record that I've been experimenting with: mike@server:~$ dig +short txt mike.cardwell._pka.grepular.com "v=pka1\;fpr=35BCAF1D3AA21F843DC3B0CF70A5F5120018461F\;uri=http://grepular.com/0018461F.pub.asc"; mike@server:~$ -- Mike Cardwell https://grepular.com/ https://twitter.com/mickeyc Professional http://cardwellit.com/ http://linkedin.com/in/mikecardwell PGP.mit.edu 0018461F/35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Gnupg-users mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnupg-users
