Page MenuHome GnuPG

gpg misinterprets under-implemented keyservers as empty, misreports search results to users
Closed, ResolvedPublic


hkp:// used to return HTTP 406 when a user tried to do a gpg
--search (searching is not implemented in that keyserver). I pointed them at
the old HKP I-D, and they updated it to now return 501 when a search is attempted:

(guest RT login is currently u:guest/p:readonly, according to

But gpg still does not report that the keyserver doesn't support the particular
query: -- instead, it tells the user that no key
was found. This seems misleading. And we ought to be able to do the Right
Thing, especially for keyserver operators/implementors who are willing to modify
their tool to report "unimplemented" properly.

#651 might also be relevant here.

Event Timeline

werner lowered the priority of this task from Normal to Wishlist.May 12 2010, 10:36 AM
werner removed a project: Bug Report.
werner added a project: Feature Request.

This seems to still be a problem:

$ gpg2 --keyserver hkp:// --search-keys dkg
gpg: error searching keyserver: No data
gpg: keyserver search failed: No data

justus added a subscriber: justus.

The problem here is that the hkp client code folds all http status codes other
than 200 and 3xx into GPG_ERR_NO_DATA. This is also a problem for issue #1038.

Fixed in a8308ba5.

% g10/gpg2 --keyserver hkp:// --search-keys dkg
gpg: It is only intended for test purposes and should NOT be
gpg: used in a production environment or with production keys!
gpg: error searching keyserver: Not implemented
gpg: keyserver search failed: Not implemented