The PGP world is due for major changes -- the current replicated, monolithic Published KeyRing, using email-based servers running PGP 2.x, is creaking louder and louder. There are just too many keys for the algorithms which PGP 2.x uses. PGP 3.x may keep it going a while longer, but the general view is that some distributed (rather than replicated) service is the way to go. However, that is in the future.
The objective is to provide a command with a very simple spec
(get me info on X and write the result to stdout)
which people can use in their applications which may want to get a key,
or info about a key, in realtime for a user, but without any user interaction.
E.g. your mailer displays a PGP message and says it can't check the key as it
isn't in your keyring, so you click on a "fetch" button, and it
retrieves the key for you.
Applications can start using this now, and when a distributed service
arrives, another protocol can be added to its list, and the application
doesn't need to know.
The spec is that you tell it on the command line what you want,
and if it exits with a return code of 0, the result was sent to stdout
(currently stderr gets some debugging junk).
It currently has support for the
WWW interface (which is slow) and also a fast
private protocol which is restricted to "exact" matches --
e.g. you know the email address to which you are sending, or you
know the keyid that was used to sign the message you just received.
It currently requires perl (version 4 or 5), and typical lookups
(on the full published keyring) take about a second if you give an
"exact match".
This is currently defined as the text inside the <> of the User ID
(or the whole User ID if there is no <>) or "@host" for all users of host,
or a keyid.
As an example, "Piete Brooks <[email protected]>" will be returned on
requests for "[email protected]" and "@cl.cam.ac.uk".
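The exact-match rule and the exit-code contract described above, sketched as an added example (this is not the tool's own code, which is written in perl). The keyring entries, the function names, the non-zero return value of 1, and the handling of several <> in one User ID are assumptions made for illustration.

```python
import io
import re

# Constructed sample keyring of (keyid, User ID) pairs; every value is made up.
SAMPLE_KEYRING = [
    ("0A1B2C3D", "Alice Example <alice@example.org>"),
    ("11223344", "Bob Example <bob@example.org>"),
    ("99887766", "Carol Example <carol@lab.example.net>"),
    ("DEADBEEF", "ops-team role key"),  # User ID with no <>
]

def exact_match_terms(keyid, user_id):
    """Every string that counts as an exact match for this key."""
    inside = re.findall(r"<([^<>]*)>", user_id)
    # Text inside the <>, or the whole User ID when there is no <>.
    # Assumption: if several <> appear, the last one is used.
    ident = inside[-1] if inside else user_id
    terms = {keyid, ident}
    if "@" in ident:
        # "@host" selects all users of a host.
        # Assumption: the host is whatever follows the last "@".
        terms.add("@" + ident.rsplit("@", 1)[1])
    return terms

def build_index(keyring):
    """Map each exact-match term to the keys it selects."""
    index = {}
    for keyid, user_id in keyring:
        for term in exact_match_terms(keyid, user_id):
            index.setdefault(term, []).append((keyid, user_id))
    return index

def fetch(index, query, out):
    """Write matches to out and return 0; return 1 (assumed code) on no match."""
    hits = index.get(query, [])
    for keyid, user_id in hits:
        out.write(f"{keyid} {user_id}\n")
    return 0 if hits else 1

if __name__ == "__main__":
    idx = build_index(SAMPLE_KEYRING)
    for q in ("alice@example.org", "@example.org", "DEADBEEF", "Alice"):
        buf = io.StringIO()
        rc = fetch(idx, q, buf)
        print(f"{q!r}: rc={rc} {buf.getvalue().splitlines()}")
```

A partial name such as "Alice" or a parent domain such as "@example.net" selects nothing, so a caller relying on the fast path has to supply the full address, the exact host, or the keyid.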