Page MenuHome GnuPG
Create Task
Maniphest T6067

dirmngr 2.2 does not ask keyservers for fingerprints
Closed, ResolvedPublic
Actions

Description

The change should be backported to 2.2 to fix key lookups by gnupg-vs-desktop-3.1.22.0-x86_64.AppImage on the default key server.

Revisions and Commits

rG GnuPG
rG22e8dc792702 dirmngr: Ask keyservers to provide the key fingerprints

Related Objects
Search...

Event Timeline

ikloecker created this task.Jul 7 2022, 1:30 PM
ikloecker added a parent task: T6042: Cannot search on keyserver from kleopatra 3.1.22 inside an AppImage of GnuPG Desktop or GnuPG VS Desktop.
ikloecker reassigned this task from ikloecker to werner.Jul 7 2022, 1:35 PM
vitusb added a subscriber: vitusb.Jul 8 2022, 8:30 PM

Hello,
thanx for fixing this issue ...

Where do i will find the fixed version in order to build an udated AppImage ?

Will this be fixed in gpg 2.2.36 (maybe a reloaded version like gnupg-w32-2.2.35_20220502) or 2.2.37 ?

Best regards ...
Veit

ikloecker added a comment.Jul 8 2022, 10:36 PM

It will hopefully be fixed in 2.2.37.

vitusb added a comment.EditedJul 15 2022, 11:18 AM

What i don't understand is ...

When this should be an issue in dirmngr, why does the search on mentioned keyservers work with kleopatra 3.1.16 and an updated backend gpg-2.2.36:


Ah .. Ok, i missed the thread:
Kleopatra: Certificate lookup shows only one result even if there are 100s matches

This also explains the small list of results in contrary to the list that you get from the web frontend ...

Due to https://dev.gnupg.org/T5725#153224 ("The fingerprints are needed by Kleopatra as unique identifier for keys."), is this still implemented in that way ?

Best regards,

Veit
ikloecker added a comment.Jul 15 2022, 1:48 PM
In T6067#160368, @vitusb wrote:

Due to https://dev.gnupg.org/T5725#153224 ("The fingerprints are needed by Kleopatra as unique identifier for keys."), is this still implemented in that way ?

Yes. There is no other way to uniquely identify keys. Even the long key ID that's returned by key servers can be forged nowadays.

ikloecker added a commit: rG22e8dc792702: dirmngr: Ask keyservers to provide the key fingerprints.Jul 26 2022, 9:52 AM
ikloecker changed the task status from Open to Testing.Jul 26 2022, 9:54 AM
ikloecker removed werner as the assignee of this task.
ikloecker triaged this task as Normal priority.
ikloecker moved this task from Restricted Project Column to Restricted Project Column on the Restricted Project board.
ikloecker added a project: Restricted Project.

The fix has been merged to the 2.2 branch.

werner removed a project: Restricted Project.Sep 22 2022, 10:54 AM
werner closed this task as Resolved.Jan 19 2023, 4:41 PM
werner claimed this task.
ebo moved this task from Restricted Project Column to Restricted Project Column on the Restricted Project board.Apr 5 2023, 2:52 PM