LDAP Keyserver Support in v2.1

Neal H. Walfield neal at g10code.de
Mon Mar 23 20:14:04 CET 2015


Hi,

I've spent the past few weeks forward porting and rewriting the LDAP
Keyserver support for GnuPG 2.1.  I've just pushed it to master.

To test it, you can run the following:

  $ gpg2 --keyserver ldap://keys.eika.no --search-keys kf@eika.no
  $ gpg2 --keyserver ldap://keys.eika.no --send-key 664D7444
  $ gpg2 --keyserver ldap://keys.eika.no --recv-key 664D7444

(keys.eika.no is a publicly available LDAP keyserver.  If you want
to set up your own, you can try following [1].)


If you need to log in to access the LDAP server, use the following
URI:

  ldap://HOST/????bindname=uid=USER%2cou=PGP%20Users%2cdc=EXAMPLE%2cdc=ORG,password=PASSWORD

You'll need to replace USER, dc=EXAMPLE%2cdc=ORG and PASSWORD.  Make
sure to include four question marks.

Note that the values are percent escaped.  Thus, spaces are replaced
with %2c and commas with %2c.

In addition to the ldap protocol, you can access the server using the
ldaps (TLS) and ldapi protocols.


I'm interested in both problems you may have as well as success.


Thanks,

Neal


[1] http://wiki.gnupg.org/LDAPKeyserver
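
The bind URI described in the message, built and checked in Python as an added example (not code from the post or from GnuPG). The host, DN and password are constructed sample values. As in the URI template above, a space is encoded as %20 and a comma as %2c (hex case does not matter), and the four question marks leave the DN, attributes, scope and filter fields of an LDAP URL empty so that what follows is read as the extensions field.

```python
from urllib.parse import quote, unquote


def build_keyserver_uri(host, bind_dn, password, scheme="ldap"):
    """Return SCHEME://HOST/????bindname=DN,password=PW with escaped values."""
    if scheme not in ("ldap", "ldaps"):
        raise ValueError("this example only handles ldap and ldaps")
    # '=' is left readable, as in the message's template. Everything else
    # that could be taken for a separator (',', '?', ' ', '%') is escaped.
    enc_dn = quote(bind_dn, safe="=")
    # The password is escaped completely: an unescaped ',' would end the
    # extension early and an unescaped '?' would shift the URL fields.
    enc_pw = quote(password, safe="")
    return f"{scheme}://{host}/????bindname={enc_dn},password={enc_pw}"


def parse_extensions(uri):
    """Decode the extensions that follow the four question marks."""
    rest = uri.split("://", 1)[1]
    fields = rest.split("?")
    # HOST/ ? attributes ? scope ? filter ? extensions  -> five pieces
    if len(fields) != 5:
        raise ValueError("expected exactly four question marks")
    extensions = {}
    for item in fields[4].split(","):
        name, _, value = item.partition("=")
        extensions[name] = unquote(value)
    return extensions


if __name__ == "__main__":
    # Constructed sample values, not a real account.
    uri = build_keyserver_uri(
        "ldap.example.org",
        "uid=alice,ou=PGP Users,dc=example,dc=org",
        "p,ss w?rd%1",
        scheme="ldaps",
    )
    print(uri)
    print(parse_extensions(uri))
```

The password is part of the URI and is sent in the bind request, so the ldaps scheme mentioned in the message is the one that protects it in transit.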
