wkd-srv merge requestshttps://code.immerda.ch/immerda/container-images/wkd-srv/-/merge_requests2020-08-11T10:09:26Zhttps://code.immerda.ch/immerda/container-images/wkd-srv/-/merge_requests/1Fix keys with utf 82020-08-11T10:09:26ZmhFix keys with utf 8If wkd-srv runs with LANG=C (which is what happens in our images),
ruby will default to US-ASCII as the default encoding.
OpenPGP Key uids should be UTF-8 strings, thus let's switch to
UTF-8 as the default encoding.
Additionally, there...If wkd-srv runs with LANG=C (which is what happens in our images),
ruby will default to US-ASCII as the default encoding.
OpenPGP Key uids should be UTF-8 strings, thus let's switch to
UTF-8 as the default encoding.
Additionally, there are keys in the wild with broken character
encoding. Thus let's be more on the safe side and enforce UTF-8
strings.
See:
* https://0xacab.org/schleuder/schleuder/-/issues/276
* https://0xacab.org/schleuder/schleuder/-/merge_requests/325
* https://0xacab.org/schleuder/schleuder/-/merge_requests/301
For more background on the details from another project.
Keys imported were fetched from the SKS network.quaquahttps://code.immerda.ch/immerda/container-images/wkd-srv/-/merge_requests/2fix #6 - enable upload of keys with plain email as uid2022-09-20T19:52:12Zmhfix #6 - enable upload of keys with plain email as uidOur current filtering mechanism did not allow for plain
emails as uids. Which is what can be done and some people do it.
To safely import keys where there is a plain email in the uid,
we can make use of the new mbox import filter, that ...Our current filtering mechanism did not allow for plain
emails as uids. Which is what can be done and some people do it.
To safely import keys where there is a plain email in the uid,
we can make use of the new mbox import filter, that is available
since 2.1.14.
With this we can change our filtering (through import & export)
approach:
1. we detect if we have a single key through simple
`gpg < keymaterial` inspection.
2. if we have a single key, we record the fingerprint
3. We import using the mbox filter with a direct match of the email
address
4. We export by matching with the fingerprint
This will give us the exact matching key (through fpr) if there is
a direct match on the email, which is all delegated to gpg itself.