GPG-WKS-CLIENT(1)            GNU Privacy Guard 2.2            GPG-WKS-CLIENT(1)

NAME
       gpg-wks-client - Client for the Web Key Service

SYNOPSIS
       gpg-wks-client [options] --supported user-id
       gpg-wks-client [options] --check user-id
       gpg-wks-client [options] --create fingerprint user-id
       gpg-wks-client [options] --receive
       gpg-wks-client [options] --read

DESCRIPTION
       The gpg-wks-client is used to send requests to a Web Key Service
       provider.  This is usually done to upload a key into a Web Key
       Directory.

       With the --supported command the caller can test whether a site
       supports the Web Key Service.  The argument is an arbitrary address
       in the domain to be tested, for example ‘foo@example.net’.  The
       command returns success if the Web Key Service is supported.  The
       operation is silent; to get diagnostic output use the option
       --verbose.  See option --with-colons for a variant of this command.

       With the --check command the caller can test whether a key exists
       for a supplied mail address.  The command returns success if a key
       is available.

       The --create command is used to send a request for publication in
       the Web Key Directory.  The arguments are the fingerprint of the key
       and the user id to publish.  The output from the command is a
       properly formatted mail with all standard headers.  This mail can be
       fed to sendmail(8) or any other tool to actually send that mail.  If
       sendmail(8) is installed the option --send can be used to directly
       send the created request.  If the provider requests a 'mailbox-only'
       user id and no such user id is found, gpg-wks-client will try an
       additional user id.

       The --receive and --read commands are used to process confirmation
       mails as sent by the service provider.  The former expects an
       encrypted MIME message, the latter an already decrypted MIME
       message.  The result of these commands is another mail which can be
       sent in the same way as the mail created with --create.

       The command --install-key manually installs a key into a local
       directory (see option -C) reflecting the structure of a WKD.  The
       arguments are a file with the keyblock and the user-id to install.
       If the first argument resembles a fingerprint the key is taken from
       the current keyring; to force the use of a file, prefix the first
       argument with "./".  If no arguments are given the parameters are
       read from stdin; the expected format is lines with the fingerprint
       and the mailbox separated by a space.  The command --remove-key
       removes a key from that directory; its only argument is a user-id.
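
       The stdin format of --install-key is easy to get wrong when the
       list comes from another system.  The following is an added example,
       not part of the GnuPG manual or source: a Python helper (the name
       install_key_input is hypothetical) that builds the input and refuses
       entries that would not parse as exactly one fingerprint and one
       mailbox.  It assumes v4 keys with 40-digit fingerprints; the sample
       values are constructed.

```python
import re

# ASSUMPTION: keys are OpenPGP v4, whose fingerprint is 40 hex digits.
_FPR = re.compile(r"[0-9A-F]{40}")
# One '@', no whitespace: a bare mailbox, not "Name <addr>".
_MBOX = re.compile(r"[^\s@]+@[^\s@]+")


def install_key_input(entries):
    """Return stdin text for --install-key from (fingerprint, mailbox) pairs.

    Raises ValueError instead of emitting a line that would not parse as
    exactly "fingerprint<space>mailbox".
    """
    lines, seen = [], set()
    for fpr, mbox in entries:
        # gpg prints fingerprints in space-separated groups; the batch
        # format uses the space as field separator, so remove them.
        fpr = re.sub(r"\s+", "", fpr).upper()
        if not _FPR.fullmatch(fpr):
            raise ValueError(f"not a 40-digit hex fingerprint: {fpr!r}")
        # Rejects embedded spaces and newlines, which would add fields
        # or smuggle in an extra "fingerprint mailbox" line.
        if not _MBOX.fullmatch(mbox):
            raise ValueError(f"not a bare mailbox: {mbox!r}")
        # Example policy (not from the man page): one key per mailbox.
        if mbox.lower() in seen:
            raise ValueError(f"duplicate mailbox: {mbox!r}")
        seen.add(mbox.lower())
        lines.append(f"{fpr} {mbox}")
    return "".join(line + "\n" for line in lines)


# Constructed sample data, not real keys.
SAMPLE = [
    ("0123 4567 89AB CDEF 0123  4567 89ab cdef 0123 4567", "foo@example.net"),
    ("FEDCBA9876543210FEDCBA9876543210FEDCBA98", "bar@example.net"),
]

if __name__ == "__main__":
    print(install_key_input(SAMPLE), end="")
```

       The printed text is what --install-key reads from stdin when it is
       called without arguments.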

       gpg-wks-client is not commonly invoked directly and thus it is not
       installed in the bin directory.  Here is an example of how it can be
       invoked manually to check for a Web Key Directory entry for
       ‘foo@example.net’:

              $(gpgconf --list-dirs libexecdir)/gpg-wks-client --check foo@example.net

OPTIONS
       gpg-wks-client understands these options:

       --send Directly send created mails using the sendmail command.
              Requires installation of that command.

       --with-colons
              This option currently has an effect only on the --supported
              command.  If it is used, all arguments on the command line
              are taken as domain names and tested for WKD support.  The
              output format is one line per domain with colon delimited
              fields.  The currently specified fields are (future versions
              may specify additional fields):

              1 - domain
                     This is the domain name.  Although quoting is not
                     required for valid domain names this field is
                     specified to be quoted in standard C manner.

              2 - WKD
                     If the value is true the domain supports the Web Key
                     Directory.

              3 - WKS
                     If the value is true the domain supports the Web Key
                     Service protocol to upload keys to the directory.

              4 - error-code
                     This may contain a gpg-error code to describe certain
                     failures.  Use 'gpg-error CODE' to explain the code.

              5 - protocol-version
                     The minimum protocol version supported by the server.

              6 - auth-submit
                     The auth-submit flag from the policy file of the
                     server.

              7 - mailbox-only
                     The mailbox-only flag from the policy file of the
                     server.

       --output file
       -o     Write the created mail to file instead of stdout.  Note that
              the value - for file is the same as writing to stdout.

       --status-fd n
              Write special status strings to the file descriptor n.  This
              program returns only the status messages SUCCESS or FAILURE,
              which are helpful when the caller uses a double fork approach
              and can't easily get the return code of the process.

       -C dir
       --directory dir
              Use dir as top level directory for the commands --install-key
              and --remove-key.  The default is ‘openpgpkey’.

       --verbose
              Enable extra informational output.

       --quiet
              Disable almost all informational output.

       --version
              Print version of the program and exit.

       --help Display a brief help page and exit.
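
       The seven --with-colons fields listed above are meant for scripts.
       The following is an added example, not part of the GnuPG manual or
       source: a Python parser for that output that also decides whether a
       --create request to a domain makes sense.  The sample lines are
       constructed; that a true flag is written as 1 and that a colon
       inside the quoted domain appears as \x3a are assumptions.

```python
import re
from typing import NamedTuple, Optional

class Support(NamedTuple):
    domain: str
    wkd: bool
    wks: bool
    error_code: Optional[int]
    protocol_version: Optional[int]
    auth_submit: bool
    mailbox_only: bool

_ESC = re.compile(r"\\(x[0-9A-Fa-f]{2}|[0-7]{1,3}|.)")

def c_unquote(field):
    """Undo C-style backslash escapes such as a hex-escaped colon."""
    def repl(m):
        tok = m.group(1)
        if tok[0] == "x" and len(tok) == 3:
            return chr(int(tok[1:], 16))      # \xHH
        if tok[0] in "01234567":
            return chr(int(tok, 8))           # \ooo
        return {"n": "\n", "t": "\t", "r": "\r"}.get(tok, tok)
    return _ESC.sub(repl, field)

def _num(v):
    return int(v) if v.isdigit() else None

def parse_line(line):
    # ASSUMPTIONS: a ':' inside the domain is escaped by the C quoting, so
    # every raw ':' is a delimiter, and a true flag is written as "1".
    # Short lines are padded; fields beyond the seventh are ignored.
    f = line.rstrip("\r\n").split(":") + [""] * 7
    return Support(c_unquote(f[0]), f[1] == "1", f[2] == "1", _num(f[3]),
                   _num(f[4]), f[5] == "1", f[6] == "1")

def can_submit(rec):
    """True if the domain offers WKS and reported no gpg-error code."""
    return rec.wks and rec.error_code in (None, 0)

# Constructed sample output, not captured from a real run.
SAMPLE = [
    r"example.net:1:1:0:3:0:1:",
    r"example.org:1:0:0:::",
    r"odd\x3aname.test:0:0:1:::",
]

if __name__ == "__main__":
    print([r.domain for r in map(parse_line, SAMPLE) if can_submit(r)])
```

       A caller can also read mailbox_only from the parsed record to learn
       in advance that the provider wants a 'mailbox-only' user id.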

SEE ALSO
       gpg-wks-server(1)

GnuPG 2.2.13                      2019-02-11                 GPG-WKS-CLIENT(1)