Page MenuHome GnuPG
Projects LDAP

LDAPTag
ActivePublic
Watch Project

Members

  • This project does not have any members.
  • View All

Watchers

  • This project does not have any watchers.
  • View All

Details

Description

LDAP related stuff.

Recent Activity
View All

Wed, Apr 29

gniibe moved T8048: Keyboxd: S/MIME certificate is imported on ldap search from Backlog to WIP on the gpd5x board.
Wed, Apr 29, 3:43 AM · keyboxd, Bug Report, gnupg26, S/MIME, LDAP, gpd5x
gniibe moved T8048: Keyboxd: S/MIME certificate is imported on ldap search from Backlog to WIP on the gnupg26 board.
Wed, Apr 29, 3:39 AM · keyboxd, Bug Report, gnupg26, S/MIME, LDAP, gpd5x

Mon, Apr 27

gniibe changed the status of T8048: Keyboxd: S/MIME certificate is imported on ldap search from Open to Testing.

Applied to master.

Mon, Apr 27, 6:48 AM · keyboxd, Bug Report, gnupg26, S/MIME, LDAP, gpd5x

Fri, Apr 24

gniibe added a comment to T8048: Keyboxd: S/MIME certificate is imported on ldap search.

I created a branch https://dev.gnupg.org/source/gnupg/history/gniibe%252Ft8048 and pushed all changes (including keyboxd-patch-2026-04-23).

Fri, Apr 24, 7:06 AM · keyboxd, Bug Report, gnupg26, S/MIME, LDAP, gpd5x

Thu, Apr 23

gniibe added a comment to T8048: Keyboxd: S/MIME certificate is imported on ldap search.

Enhance keyboxd to have new command for what keybox_set_flags does.

Thu, Apr 23, 7:01 AM · keyboxd, Bug Report, gnupg26, S/MIME, LDAP, gpd5x

Thu, Apr 16

timegrid moved T7866: Allow separate LDAP keyserver for uploading from Backlog to WiP on the gnupg22 board.
Thu, Apr 16, 5:34 PM · gnupg22, vsd33 (vsd-3.3.6), LDAP, Feature Request, gnupg26
timegrid moved T7866: Allow separate LDAP keyserver for uploading to Backlog on the gnupg22 board.
Thu, Apr 16, 5:34 PM · gnupg22, vsd33 (vsd-3.3.6), LDAP, Feature Request, gnupg26
timegrid changed the status of T7866: Allow separate LDAP keyserver for uploading from Open to Testing.
Thu, Apr 16, 5:33 PM · gnupg22, vsd33 (vsd-3.3.6), LDAP, Feature Request, gnupg26
timegrid changed the status of T7866: Allow separate LDAP keyserver for uploading from Testing to Open.

Still does not work on vsd-3.3.7-beta90.9 @ win10. Essentially the same behavior as before:

Thu, Apr 16, 5:32 PM · gnupg22, vsd33 (vsd-3.3.6), LDAP, Feature Request, gnupg26
ebo edited projects for T7866: Allow separate LDAP keyserver for uploading, added: vsd33 (vsd-3.3.6), gnupg22 (gnupg-2.2.53); removed gnupg22, vsd34.
Thu, Apr 16, 3:04 PM · gnupg22, vsd33 (vsd-3.3.6), LDAP, Feature Request, gnupg26

Mar 27 2026

werner triaged T8048: Keyboxd: S/MIME certificate is imported on ldap search as Normal priority.
Mar 27 2026, 10:33 AM · keyboxd, Bug Report, gnupg26, S/MIME, LDAP, gpd5x

Mar 26 2026

gniibe claimed T8048: Keyboxd: S/MIME certificate is imported on ldap search.

I applied the keyboxd part for SETEPHEMERAL command, as it doesn't break anything.

Mar 26 2026, 3:56 AM · keyboxd, Bug Report, gnupg26, S/MIME, LDAP, gpd5x

Mar 25 2026

gniibe added a comment to T8048: Keyboxd: S/MIME certificate is imported on ldap search.

Here is an attempt to fix the client side:

kbxd-ephemeral-client.patch4 KBDownload

Mar 25 2026, 5:26 AM · keyboxd, Bug Report, gnupg26, S/MIME, LDAP, gpd5x

Mar 4 2026

timegrid moved T8042: Kleopatra: Add expired/revoked information to ldap search results from Done to gpd-5.0.2 on the gpd5x board.
Mar 4 2026, 4:03 PM · gpd5x (gpd-5.0.2), vsd34, Feature Request, LDAP, kleopatra
timegrid moved T8042: Kleopatra: Add expired/revoked information to ldap search results from QA to Done on the gpd5x board.

Looks good to me on gpg4win-5.0.2-beta2 @ win11:

Mar 4 2026, 3:49 PM · gpd5x (gpd-5.0.2), vsd34, Feature Request, LDAP, kleopatra
gniibe added a comment to T8048: Keyboxd: S/MIME certificate is imported on ldap search.

I looked at sm/keydb.c:keydb_set_ephemeral function. It says:

Mar 4 2026, 7:38 AM · keyboxd, Bug Report, gnupg26, S/MIME, LDAP, gpd5x

Feb 26 2026

ebo moved T8042: Kleopatra: Add expired/revoked information to ldap search results from WIP to QA on the gpd5x board.
Feb 26 2026, 2:34 PM · gpd5x (gpd-5.0.2), vsd34, Feature Request, LDAP, kleopatra

Feb 13 2026

werner moved T7866: Allow separate LDAP keyserver for uploading from WIP to Done on the gnupg26 board.
Feb 13 2026, 2:28 PM · gnupg22, vsd33 (vsd-3.3.6), LDAP, Feature Request, gnupg26
werner moved T7866: Allow separate LDAP keyserver for uploading from Backlog to WiP on the gnupg22 board.
Feb 13 2026, 2:28 PM · gnupg22, vsd33 (vsd-3.3.6), LDAP, Feature Request, gnupg26
werner changed the status of T7866: Allow separate LDAP keyserver for uploading from Open to Testing.
Feb 13 2026, 2:28 PM · gnupg22, vsd33 (vsd-3.3.6), LDAP, Feature Request, gnupg26

Jan 21 2026

ikloecker changed the status of T8042: Kleopatra: Add expired/revoked information to ldap search results from Open to Testing.

Implemented and backported for VSD 3.4

Jan 21 2026, 11:02 AM · gpd5x (gpd-5.0.2), vsd34, Feature Request, LDAP, kleopatra
timegrid added a comment to T8048: Keyboxd: S/MIME certificate is imported on ldap search.

The "ca" root cert is not on the ldap, if that matters

Jan 21 2026, 10:23 AM · keyboxd, Bug Report, gnupg26, S/MIME, LDAP, gpd5x
timegrid renamed T8048: Keyboxd: S/MIME certificate is imported on ldap search from GnuPG: S/MIME certificate is imported on ldap search to Keyboxd: S/MIME certificate is imported on ldap search.
Jan 21 2026, 10:14 AM · keyboxd, Bug Report, gnupg26, S/MIME, LDAP, gpd5x
timegrid added a comment to T8048: Keyboxd: S/MIME certificate is imported on ldap search.
In T8048#211860, @ikloecker wrote:

some other certificates, but I guess those are from other tests

Jan 21 2026, 10:08 AM · keyboxd, Bug Report, gnupg26, S/MIME, LDAP, gpd5x
timegrid added a project to T8048: Keyboxd: S/MIME certificate is imported on ldap search: Bug Report.
Jan 21 2026, 10:00 AM · keyboxd, Bug Report, gnupg26, S/MIME, LDAP, gpd5x
timegrid renamed T8048: Keyboxd: S/MIME certificate is imported on ldap search from Kleopatra: S/MIME certificate is imported on ldap search to GnuPG: S/MIME certificate is imported on ldap search.
Jan 21 2026, 10:00 AM · keyboxd, Bug Report, gnupg26, S/MIME, LDAP, gpd5x
timegrid added a comment to T8048: Keyboxd: S/MIME certificate is imported on ldap search.

It also happens on CLI:

Jan 21 2026, 9:59 AM · keyboxd, Bug Report, gnupg26, S/MIME, LDAP, gpd5x
ikloecker added a comment to T8048: Keyboxd: S/MIME certificate is imported on ldap search.

With Gpg4win 5.0.0 the LISTKEYS after the server lookup lists the (ephemeral?) ca@gnupg.test certificate and (!) the bob@gnupg.test certificate (and some other certificates, but I guess those are from other tests).

Jan 21 2026, 9:52 AM · keyboxd, Bug Report, gnupg26, S/MIME, LDAP, gpd5x
ikloecker added a comment to T8048: Keyboxd: S/MIME certificate is imported on ldap search.
  1. VSD 3.3.4
Jan 21 2026, 9:45 AM · keyboxd, Bug Report, gnupg26, S/MIME, LDAP, gpd5x
ikloecker added a comment to T8048: Keyboxd: S/MIME certificate is imported on ldap search.
  1. Gpg4win 5.0.0
Jan 21 2026, 9:44 AM · keyboxd, Bug Report, gnupg26, S/MIME, LDAP, gpd5x

Jan 20 2026

timegrid added a comment to T8048: Keyboxd: S/MIME certificate is imported on ldap search.
  • gpg4win 5.0.0 @ win11
Jan 20 2026, 2:59 PM · keyboxd, Bug Report, gnupg26, S/MIME, LDAP, gpd5x
ikloecker claimed T8042: Kleopatra: Add expired/revoked information to ldap search results.
Jan 20 2026, 2:49 PM · gpd5x (gpd-5.0.2), vsd34, Feature Request, LDAP, kleopatra
ikloecker added a comment to T8048: Keyboxd: S/MIME certificate is imported on ldap search.

gpgme logs (also of vsd-3.3.4) will be useful.

Jan 20 2026, 2:47 PM · keyboxd, Bug Report, gnupg26, S/MIME, LDAP, gpd5x
werner added a comment to T8048: Keyboxd: S/MIME certificate is imported on ldap search.

I have not checked but I guess that the certificate is marked as ephemeal and kleopatra either lists ephemeral certificates or the ephemeral flag got removed to to a validation process,

Jan 20 2026, 2:43 PM · keyboxd, Bug Report, gnupg26, S/MIME, LDAP, gpd5x
timegrid added a comment to T8048: Keyboxd: S/MIME certificate is imported on ldap search.

Note: This does not happen on vsd-3.3.4

Jan 20 2026, 2:37 PM · keyboxd, Bug Report, gnupg26, S/MIME, LDAP, gpd5x
timegrid created T8048: Keyboxd: S/MIME certificate is imported on ldap search.
Jan 20 2026, 1:56 PM · keyboxd, Bug Report, gnupg26, S/MIME, LDAP, gpd5x
ebo triaged T8042: Kleopatra: Add expired/revoked information to ldap search results as Normal priority.
Jan 20 2026, 9:07 AM · gpd5x (gpd-5.0.2), vsd34, Feature Request, LDAP, kleopatra

Jan 19 2026

ikloecker added a comment to T8042: Kleopatra: Add expired/revoked information to ldap search results.

The gpgme logs show that the information for revoked keys should be there. We just need to check for it (and somehow visualize it).

pub:o:3072:1:3DA05D6B0A5998AF:1768822823:1863514800::::::::
fpr:::::::::C70F6D8F32DFE96F5C47C40B3DA05D6B0A5998AF:
uid:o::::::::search (valid) <search@gnupg.test>\r:
Jan 19 2026, 4:13 PM · gpd5x (gpd-5.0.2), vsd34, Feature Request, LDAP, kleopatra
timegrid added a comment to T8042: Kleopatra: Add expired/revoked information to ldap search results.

gpgme.log (vsd 3.3.4):

gpgme_log.vsd334.txt141 KBDownload

Jan 19 2026, 4:02 PM · gpd5x (gpd-5.0.2), vsd34, Feature Request, LDAP, kleopatra
ikloecker renamed T8042: Kleopatra: Add expired/revoked information to ldap search results from Kleopatra: Add expired/rekoved information to ldap search results to Kleopatra: Add expired/revoked information to ldap search results.
Jan 19 2026, 3:55 PM · gpd5x (gpd-5.0.2), vsd34, Feature Request, LDAP, kleopatra
timegrid added a comment to T8042: Kleopatra: Add expired/revoked information to ldap search results.

Another possibility would be to just add a revoked column (expiration date is already shown) to keep closer to the ldap schema.

Jan 19 2026, 1:31 PM · gpd5x (gpd-5.0.2), vsd34, Feature Request, LDAP, kleopatra
timegrid created T8042: Kleopatra: Add expired/revoked information to ldap search results.
Jan 19 2026, 12:04 PM · gpd5x (gpd-5.0.2), vsd34, Feature Request, LDAP, kleopatra

Jan 13 2026

ebo edited projects for T7272: Kleopatra: Look up missing OpenPGP certificates for card keys, added: gpd5x (gpd-5.0.0); removed gpd5x.
Jan 13 2026, 12:52 PM · gpd5x (gpd-5.0.0), LDAP, kleopatra

Jan 9 2026

werner moved T7866: Allow separate LDAP keyserver for uploading from QA to WIP on the gnupg26 board.
Jan 9 2026, 3:50 PM · gnupg22, vsd33 (vsd-3.3.6), LDAP, Feature Request, gnupg26
timegrid added a comment to T7866: Allow separate LDAP keyserver for uploading.

The behaviour might have changed a bit because of the ldap: prefix i use now, or i have missed this case the last time:
Given some cert on the "download" server, I can find it, if dirmngr.conf contains only the "download" server, or if the "download" server is listed first:

Jan 9 2026, 2:17 PM · gnupg22, vsd33 (vsd-3.3.6), LDAP, Feature Request, gnupg26
werner added a comment to T7866: Allow separate LDAP keyserver for uploading.

Independent of keyserver order in dirmngr.conf, --search-keys still offers keys from the upload server, but the download fails:

Jan 9 2026, 1:35 PM · gnupg22, vsd33 (vsd-3.3.6), LDAP, Feature Request, gnupg26
werner added a comment to T7866: Allow separate LDAP keyserver for uploading.

For "Although the upload server is used for upload, the gpg message still displays the first keyserver" see T8025

Jan 9 2026, 1:28 PM · gnupg22, vsd33 (vsd-3.3.6), LDAP, Feature Request, gnupg26
werner triaged T8025: Display the correct LDAP server in gpg if the upload flag is in use. as Normal priority.
Jan 9 2026, 1:28 PM · Bug Report, LDAP, gnupg26

Jan 6 2026

timegrid moved T7272: Kleopatra: Look up missing OpenPGP certificates for card keys from QA to Done on the gpd5x board.

Looks good to me on gpg4win-5.0.0-beta479 @ win11.

Jan 6 2026, 3:55 PM · gpd5x (gpd-5.0.0), LDAP, kleopatra

Dec 18 2025

ebo updated subscribers of T6299: Kleopatra: Updating key does results in "not changed" instead of "not found".

@timegrid I would not tag this ticket with LDAP, as it is not LDAP specific

Dec 18 2025, 10:20 AM · gpd5x (gpd-5.0.0), Restricted Project, kleopatra