Page MenuHome GnuPG

HTTP(S) preferred key servers always treated as HKP
Closed, ResolvedPublic


When doing a --refresh on keys which have a preferred key server set in their
signature, GnuPG 2.1.x (tested with 2.1.16 and 2.1.17) treats all HTTP(S) URIs
as HKP servers. Both 1.4.x and 2.0.x are able to handle these URIs properly.


Suppose a key has a preferred key server of "". Both
1.4.x and 2.0.x would request this exact URI, and the key would be retrieved
from that location.

In 2.1.x, only the protocol and host parts of the URI are used, and an HKP
request is made based on the key fingerprint, such as:

     (fingerprint changed to zeros)

I believe the behaviour of previous GnuPG versions is more in line with RFC 4880



Revisions and Commits