Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages


home | help
GPG-WKS-CLIENT(1)	     GNU Privacy Guard 2.2	     GPG-WKS-CLIENT(1)

       gpg-wks-client -	Client for the Web Key Service

       gpg-wks-client [options]	--supported user-id
       gpg-wks-client [options]	--check	user-id
       gpg-wks-client [options]	--create fingerprint user-id
       gpg-wks-client [options]	--receive
       gpg-wks-client [options]	--read

       The  gpg-wks-client  is	used  to  send	requests  to a Web Key Service
       provider.  This is usuallay done	to upload a key	into a Web Key	Direc-

       With  the  --supported  command the caller can test whether a site sup-
       ports the Web Key Service.  The argument	is an arbitrary	address	in the
       to  be  tested  domain. For example `'.  The command re-
       turns success if	the Web	Key Service is supported.   The	 operation  is
       silent;	to get diagnostic output use the option	--verbose.  See	option
       --with-colons for a variant of this command.

       With the	--check	command	the caller can test whether a key exists for a
       supplied	 mail address.	The command returns success if a key is	avail-

       The --create command is used to send a request for publication  in  the
       Web  Key	 Directory.   The arguments are	the fingerprint	of the key and
       the user	id to publish.	The output from	the command is a properly for-
       matted  mail  with all standard headers.	 This mail can be fed to send-
       mail(8) or any other tool to actually send that mail.   If  sendmail(8)
       is installed the	option --send can be used to directly send the created
       request.	 If the	provider request a 'mailbox-only' user id and no  such
       user id is found, gpg-wks-client	will try an additional user id.

       The  --receive  and  --read  commands  are used to process confirmation
       mails as	send from the service provider.	 The  former  expects  an  en-
       crypted	MIME  messages,	 the latter an already decrypted MIME message.
       The result of these commands are	another	mail which can be send in  the
       same way	as the mail created with --create.

       The  command  --install-key manually installs a key into	a local	direc-
       tory (see option	-C) reflecting the structure of	a WKD.	The  arguments
       are  a file with	the keyblock and the user-id to	install.  If the first
       argument	resembles a fingerprint	the key	 is  taken  from  the  current
       keyring;	 to  force  the	 use of	a file,	prefix the first argument with
       "./".  If no arguments are given	the parameters are  read  from	stdin;
       the expected format are lines with the fingerprint and the mailbox sep-
       arated by a space.  The command --remove-key removes a  key  from  that
       directory, its only argument is a user-id.

       The command --print-wkd-hash prints the WKD user-id identifiers and the
       corresponding mailboxes from the	user-ids given on the command line  or
       via stdin (one user-id per line).

       The  command  --print-wkd-url prints the	URLs used to fetch the key for
       the given user-ids from WKD.  The meanwhile preferred format with  sub-
       domains is used here.

       gpg-wks-client  is not commonly invoked directly	and thus it is not in-
       stalled in the bin directory.  Here is an example how it	can be invoked
       manually	to check for a Web Key Directory entry for `':

	 $(gpgconf --list-dirs libexecdir)/gpg-wks-client --check

       gpg-wks-client understands these	options:

       --send Directly	send  created  mails  using the	sendmail command.  Re-
	      quires installation of that command.

	      This option has currently	only an	effect on the --supported com-
	      mand.  If	it is used all arguments on the	command	line are taken
	      as domain	names and tested for WKD support.  The	output	format
	      is  one  line  per domain	with colon delimited fields.  The cur-
	      rently specified fields are (future versions may	specify	 addi-
	      tional fields):

	      1	- domain
		     This  is  the  domain  name.  Although quoting is not re-
		     quired for	valid domain names this	field is specified  to
		     be	quoted in standard C manner.

	      2	- WKD
		     If	 the value is true the domain supports the Web Key Di-

	      3	- WKS
		     If	the value is true the domain supports the Web Key Ser-
		     vice protocol to upload keys to the directory.

	      4	- error-code
		     This  may	contain	 an gpg-error code to describe certain
		     failures.	Use `gpg-error CODE' to	explain	the code.

	      5	- protocol-version
		     The minimum protocol version supported by the server.

	      6	- auth-submit
		     The auth-submit flag from the policy file of the server.

	      7	- mailbox-only
		     The mailbox-only flag from	the policy file	of the server.

       --output	file
       -o     Write the	created	mail to	file instead of	stdout.	 Note that the
	      value - for file is the same as writing to stdout.

       --status-fd n
	      Write  special  status  strings  to the file descriptor n.  This
	      program returns only the	status	messages  SUCCESS  or  FAILURE
	      which  are  helpful  when	the caller uses	a double fork approach
	      and can't	easily get the return code of the process.

       -C dir
       --directory dir
	      Use dir as top level directory for  the  commands	 --install-key
	      and --remove-key.	 The default is	`openpgpkey'.

	      Enable extra informational output.

	      Disable almost all informational output.

	      Print version of the program and exit.

       --help Display a	brief help page	and exit.


GnuPG 2.2.22			  2020-08-30		     GPG-WKS-CLIENT(1)


Want to link to this manual page? Use this URL:

home | help