summaryrefslogtreecommitdiffstats
path: root/doc/wks.texi (follow)
Commit message (Collapse)AuthorAgeFilesLines
* wkd: Implement --blacklist option for gpg-wks-clientWerner Koch2022-10-071-2/+37
| | | | | | | | | | | | * tools/gpg-wks-client.c (blacklist_array, blacklist_array_len): New. (parse_arguments): Install blacklist. (read_file): New. (cmp_blacklist, add_blacklist, is_in_blacklist): New. (mirror_one_key): Check list. * tools/gpg-wks.h (opt): Remove field blacklist. -- GnuPG-bug-id: 6224
* dirmngr: Change the default keyserver.Werner Koch2021-08-241-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | * configure.ac (DIRMNGR_DEFAULT_KEYSERVER): Change to keyserver.ubuntu.com. * dirmngr/certcache.c (cert_cache_init): Disable default pool cert. * dirmngr/http-ntbtls.c (gnupg_http_tls_verify_cb): Ditto. * dirmngr/http.c (http_session_new): Ditto. * dirmngr/server.c (make_keyserver_item): Use a different mapping for the gnupg.net names. -- Due to the unfortunate shutdown of the keyserver pool, the long term defaults won't work anymore. Thus it is better to change them. For https access keyserver.ubuntu.com is now used because it can be expected that this server can stand the load from newer gnupg LTS versions. For http based access the Dutch Surfnet keyserver is used. However due to a non-standard TLS certificate this server can not easily be made the default for https. Note: that the default server will be changed again as soon as a new connected keyserver infrastructure has been established. (cherry picked from commit 47c4e3e00a7ef55f954c14b3c237496e54a853c1)
* wkd: Install gpg-wks-client under bin and add wrapper for libexecWerner Koch2021-02-191-9/+0
| | | | | | | -- gpg-wks-client is a pretty useful command on the command line. Thus we now install it at bin and provide a compatibility wrapper.
* doc: fix minor spelling and tense errorsDaniel Kahn Gillmor2019-08-201-3/+3
| | | | | | * doc/{gpg,gpgsm,wks}.texi: minor orthographic cleanup. Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
* wkd: New command --print-wkd-url for gpg-wks-client.Werner Koch2019-03-251-2/+6
| | | | | | | | | * tools/gpg-wks-client.c (aPrintWKDURL): New. (opts): Add option. (main): Implement. * tools/wks-util.c (wks_cmd_print_wkd_url): New. Signed-off-by: Werner Koch <wk@gnupg.org>
* wkd: New command --print-wkd-hash for gpg-wks-client.Werner Koch2019-03-221-0/+4
| | | | | | | | | | | | | * tools/gpg-wks-client.c (aPrintWKDHash): New. (opts) : Add "--print-wkd-hash". (main): Implement that command. (proc_userid_from_stdin): New. * tools/wks-util.c (wks_fname_from_userid): Add option HASH_ONLY. (wks_cmd_print_wkd_hash): New. -- GnuPG-bug-id: 4418 Signed-off-by: Werner Koch <wk@gnupg.org>
* scd: Allow standard keyref scheme for app-openpgp.Werner Koch2019-02-051-1/+1
| | | | | | | | | | | | | | * scd/app-openpgp.c (do_change_pin): Allow prefixing the CHVNO with "OPENPGP." * tools/card-call-scd.c (scd_change_pin): Change API to use strings. * tools/gpg-card-tool.c (cmd_passwd): Adjust for change. (cmd_unblock): Ditto. -- The generic keyref allows for better error detection in case a keyref is send to a wrong card. Signed-off-by: Werner Koch <wk@gnupg.org>
* wks: Allow reading of --install-key arguments from stdin.Werner Koch2018-12-041-3/+8
| | | | | | | | | * tools/wks-util.c (install_key_from_spec_file): New. (wks_cmd_install_key): Call it. * tools/gpg-wks-client.c (main): Allow --install-key w/o arguments. * tools/gpg-wks-server.c (main): Ditto. Signed-off-by: Werner Koch <wk@gnupg.org>
* wks: Add new commands --install-key and --remove-key to the client.Werner Koch2018-12-041-0/+15
| | | | | | | | | | | | | | * tools/gpg-wks-client.c (aInstallKey, aRemoveKey, oDirectory): New. (opts): Add "--install-key", "--remove-key" and "-C". (parse_arguments): Parse them. (main): Check that the given directory exists. Implement the new commands. -- These commands maybe useful to prepare a WKD directory on a non-Unix box using the standard wks client. Signed-off-by: Werner Koch <wk@gnupg.org>
* wks: New option --with-colons for gpg-wks-client.Werner Koch2018-11-051-1/+40
| | | | | | | | | | | | | | | | | | | * tools/gpg-wks.h (opt): Add field with_colons. * tools/gpg-wks-client.c (oWithColons): New const. (opts, parse_arguments): Add option --with-colons. (main): Change aSupported to take several domains in --with-colons mode. (command_send): Factor policy getting code out to ... (get_policy_and_sa): New function. (command_supported): Make use of new function. -- In addition to this the --create command now also supports a submission address only in the policy file. That means the submission-address file is not anymore required and can be replaced by the policy file. Signed-off-by: Werner Koch <wk@gnupg.org>
* wkd: Add option --directory to the server.Werner Koch2018-10-261-11/+18
| | | | | | | | | | | | | * tools/gpg-wks-server.c (opts): Add '--directory', (main): Explain how to set correct permissions. (command_list_domains): Create an empty policy file and remove the warning for an empty policy file. -- Note that a policy file is meanwhile required and thus is is useful to create it. Signed-off-by: Werner Koch <wk@gnupg.org>
* doc: fix spelling mistakesDaniel Kahn Gillmor2018-10-241-2/+2
| | | | Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
* Merge branch 'STABLE-BRANCH-2-2'Werner Koch2018-02-221-12/+14
|\
| * wks: Add special mode to --install-key.Werner Koch2018-02-201-10/+7
| | | | | | | | | | | | | | | | | | | | | | * tools/gpg-wks-client.c (get_key_status_parm_s) (get_key_status_cb, get_key): Move to ... * tools/wks-util.c: ...here. (get_key): Rename to wks_get_key. * tools/gpg-wks-server.c: Include userids.h. (command_install_key): Allow use of a fingerprint. Signed-off-by: Werner Koch <wk@gnupg.org>
| * wks: Implement server command --install-key.Werner Koch2018-02-201-4/+8
| | | | | | | | | | | | | | | | | | | | | | * tools/wks-util.c (wks_filter_uid): Add arg 'binary'. * tools/gpg-wks-server.c (main): Expect 2 args for --install-key. (write_to_file): New. (check_and_publish): Factor some code out to ... (compute_hu_fname): ... new. (command_install_key): Implement. Signed-off-by: Werner Koch <wk@gnupg.org>
* | Merge branch 'STABLE-BRANCH-2-2' into masterWerner Koch2018-01-251-4/+33
|\| | | | | | | Signed-off-by: Werner Koch <wk@gnupg.org>
| * wks: New server options --check, --with-dir, with-file.Werner Koch2017-12-191-4/+33
| | | | | | | | | | | | | | | | | | | | | | | | | | | | * tools/gpg-wks-server.c (aCheck, oWithDir, oWithFile): New const. (opts): New options --check, --with-dir, and --with-file. (main): Call command_check_key. (command_list_domains): Implement option --with-dir. (fname_from_userid): New. (command_check_key): New. (command_remove_key): Implement existsing command. (command_revoke_key): Call command_remove_key as a simple implementation. Signed-off-by: Werner Koch <wk@gnupg.org>
* | Merge branch 'STABLE-BRANCH-2-2' into masterWerner Koch2017-09-261-1/+3
|\| | | | | | | | | | | | | | | | | -- Signed-off-by: Werner Koch <wk@gnupg.org> Conflicts: NEWS - include release info from 2.2.1 configure.ac - keep master.
| * wks: Create a new user id if provider wants mailbox-only.Werner Koch2017-09-181-1/+3
| | | | | | | | | | | | | | | | * tools/gpg-wks-client.c (get_key): Add arg 'exact'. (add_user_id): New. (command_send): Create new user id. Signed-off-by: Werner Koch <wk@gnupg.org>
* | gpg: default to 3072-bit RSA keys.Daniel Kahn Gillmor2017-09-081-2/+2
|/ | | | | | | | | | | | | | | | | | | | * agent/command.c (hlp_genkey): update help text to suggest the use of 3072 bits. * doc/wks.texi: Make example match default generation. * g10/keygen.c (DEFAULT_STD_KEY_PARAM): update to rsa3072/cert,sign+rsa3072/encr, and fix neighboring comment, (gen_rsa, get_keysize_range): update default from 2048 to 3072). * g10/keyid.c (pubkey_string): update comment so that first example is the default 3072-bit RSA. -- 3072-bit RSA is widely considered to be 128-bit-equivalent security. This is a sensible default in 2017. Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net> Gbp-Pq: Topic update-defaults Gbp-Pq: Name 0015-gpg-default-to-3072-bit-RSA-keys.patch
* doc: Add man pages form gpg-wks-server and gpg-wks-client.Werner Koch2017-07-261-0/+340
* doc/wks.texi: New. * doc/gnupg.texi: Include wks.texi. * doc/Makefile.am (gnupg_TEXINFOS): Add wks.texi. (myman_pages): Add new man pages. Signed-off-by: Werner Koch <wk@gnupg.org>