Page MenuHome GnuPG
Create Task
Maniphest T1089

Please store requests in a cache to avoid sending out duplicate requests (mailto: interface)
Closed, WontfixPublic
Actions

Description

I'll just quote the OP, as I don't have a strong opinion on the what the user
reports/requests:

while Working Offline, I am using n my gpg.conf the option

keyserver mailto:pgp-public-keys@keys.nl.pgp.net

which has a weird behaviour if you have set mutt to autoretrive gpgkeys.

If you are in a Mail-Thread, each time you hit an unknown GPG-Key,
it send a message, which mean, if the person has respond 10 times
in a thread, you will send out 10 requests for the key...

This is definitivly a DoS-Attack on the keyserver... specialy, if my
Outgoing will be automaticaly flushed, if my sendmail wraper find an
internet connection...

I have already accidently sendout 480 messages where around the half
of them are duplicates or more...

I think, gpg should store its requests in a cache and send only a new
request if it does not find the key in 10 days or so... (configurable)

Details

External Link
http://bugs.debian.org/454741

Event Timeline

dleidert renamed this task from store requests in a cache to Please store requests in a cache to avoid sending out duplicate requests (mailto: interface).Jul 16 2009, 12:28 PM
dleidert set External Link to http://bugs.debian.org/454741.
dleidert set Version to 1.4.9.
dleidert added projects: Feature Request, Debian, gnupg.
dleidert added a subscriber: dleidert.
werner added a subscriber: werner.Jul 16 2009, 3:11 PM

For obvious reasons the mailto scheme is not very useful. It is not even build
by default; you have to use ./configure --enabe-mailto. OTOH, I see that a way
to batch up keys for later retrieval is a nice feature - it should hwoever not
be limited to the mailto scheme.

dshaw added a subscriber: dshaw.Aug 11 2009, 6:12 AM

If this is pursued, I suggest doing it as a subsystem external to GnuPG. GnuPG
can generate keyserver information files (via --keyserver-options
use-temp-files). An external program can gather these files and manage them
however it likes, then pass them to the keyserver helper programs when it is
ready to.

werner added a project: Stalled.Sep 3 2009, 7:36 PM

Wen can look into this during the development of 2.1.

werner set Due Date to Feb 1 2010, 1:00 AM.Sep 3 2009, 7:36 PM
werner added a project: gnupg (gpg21).Apr 22 2013, 9:56 AM
werner removed Due Date.
werner removed a project: Stalled.May 11 2015, 8:53 PM

This reminds me that we don't have a mail keyserver in 2.1 yet. Need to
evaluate whether it will be useful.

werner raised the priority of this task from Wishlist to Normal.May 11 2015, 8:53 PM
werner added a comment.Sep 28 2016, 9:55 AM

There are a couple of ideas on how to use mail for key retrieval. We won't be
able to implement them for 2.2 but we should consider this for 2.3.

There won't be any changes for 1.4, though.

werner added a project: gnupg (gpg23).Sep 28 2016, 9:55 AM
werner removed Version.
werner removed a project: gnupg (gpg21).
werner closed this task as Wontfix.Feb 10 2021, 10:59 AM
werner claimed this task.