Page MenuHome GnuPG

Kleopatra: Automatic lookup for certificates for OpenPGP card keys
Open, WishlistPublic


For p15 cards we lookup the public key of a smartcard when LDAP is configured as keyserver. We can easily do this because we have the fingerprint.

For OpenPGP card keys I think we could also calcualte the fingerprint (or gnupg could) and then we could also search. Or we could use the URL field. Or both.

To also trigger this when an HKPS server is selected the Setting AlwaysSearchCardOnKeyserver should be respected which was added for p15 cards to override the default behavior to only search on LDAP servers to avoid a web bug leaking the information about which smartcard is inserted. Which could be fatal in scenarios where the IP address of a Smarcards user is searched by adversaries. But for instiutional configurations this could be quiet convenient.