That error code is actually not an error code but it is the ERROR state from the Kleo SFM. We have seen that yesterday already.

2.2 is end-of-life

This might also be related to rGa7ec3792c5 (cf. T2982)

There is no well defined pripority for the CRL DPs. The code enumarates the DP and tries one after the other until it founds one. If you use --ignore-http_dp http DPs are skipped and with --ignore-ldap-dp LDAP DPs are ignored.

1.53 has been released this morning.

Note that 1.53 was released today which fixes a small regression:

We suggest the use of the keyboxd for a reason. The use of multiple keyrings has always been a problem and has been kept on demand from a couple of people. Eventually things change and for a new installation the use of the keyboxd is the suggested way to run GnuPG. Support for pubring.gpg and even pubring.kbx may eventually be removed - not now or in the next year but it may happen. You have been warned ;-)

We have done all of this and the rest of the work is now in T7593

“Some stupid with a faulty editor burned down the the stripped trailing spaces; time was running out need to find another commit"

I did not run the full tests becaue those would take some hours but one test case using the genhashdata tool from the libgcrypt test suite gives the correct value (see genhashdata.c source)

the included tools are intended to bootstrap things and are not optimized in any way. We don't run large data test either. Someone will look into it, thoigh. A better way is to use

Sorry, I sometimes forget to push the tags. If you have access to a jabber/xmpp client you may join the gnupg-devel@chat-gnupg.org muti-user-chat and ping us there.

You mean this would be better becuase it is not clear how we handle X.509 addrsppec (see override_mbox arg of store_into_userid)? I guess COLLATE NOCASE does it the standard way by folding all uppercase characters and not just the ASCII characters as we do in GnuPG. This would be a problem.

Indeed, GnuPG's IPC uses TCP connections from 127.0.0.1 to 127.0.0.1 taking the destination port (and a cookie) from a file. We can't change that easily to the new Unix socket implementation Windows recently introduced. I hope there is a way to exclude localhost->localhost from congestion control.