On Tuesday, 15 February 2022 20:32:50 GMT Dan Mahoney (Gushi) via Gnupg-users 
> Worse still, if you know a key exists via something like DANE (dayjob
> makes DNS software, we like the idea of it being available via DANE),
> there's no way to do gpg --search via DANE, only via a keyserver.
> Thus, using that as a prefetch method to grab the current version of our
> codesign@ key into our keyring is not helpful either, unless we "faked it"
> by attempting to encrypt a message to that address, then discarded it.
> Is there another way forward?  The normal things for auto-key-locate don't
> seem to help here.  I'm open to ideas.

Unless I misunderstood what you’re trying to achieve, I think the `--locate-
external-keys` command should be what you’re looking for?

This is basically the equivalent of `--search-keys`, except that the search is 
not limited to keyservers but instead use the mechanisms configured via the 
`--auto-key-locate` option (which can include DNS lookups, either using the 
“historical“ method of RFC-4398, or the modern method of RFC-7929).

- Damien

Attachment: signature.asc
Description: This is a digitally signed message part.

Gnupg-users mailing list

Reply via email to