Re: [Evolution] Fetch PGP Public keys from LDAP?

[Adam Tauno Williams <awilliam whitemice org>]

On Wed, 2017-12-06 at 18:32 -0500, David Burleigh wrote:
> What I'm really after is away to simplify and nearly automate the use
> of pgp encryption for emails within our organization. Already we have
> the robust mail clients like Evolution, Thunderbird, and Outlook (for
> Windows users) access our common LDAP service for our organizational
> contacts, so it would be convenient to have everyone's public key
> hosted there also, and automatically used to encrypt mail to them.

[again: ~26+ years experience]

We used to do the same - use LDAP as a contacts backend between diverse
clients.  The problem is that such a solution is a potent example of
LDC (least common denominator) behavior.  Beyond very basic
functionality like name-and-email you can't get much; you certainly
will not be able to get all the clients to inter-operate getting
encryption keys from the addressbook - it just isn't going to happen.
 I know, when you set it up it seems like you are 99.44% of the way
there to a good collaboration solution [essentially what we used to
call "groupware"] - but that 0.56% is a big deal - and LDAP cannot
deliver it.  

See a very old presentation of mine - http://www.wmmi.net/documents/LDA
P105.pdf - concerning how even the basic schema used by Evolution,
Thunderbird, and WAB [Outlook] don't match up across clients. :(

Any notion that 'the world' would settle on a standard LDAP schema, and
any notion that 'the world' had a genuine interest in real inter-
operability, is now dusty history.   Hyper-proprietary "cloud" services
[called them "SaaS" back when I was wee lad] have crushed any momentum
that existed concerning standards; or at least any standards that don't
suit their purposes.

You get closest to what you want using a WebDAV (CardDAV) server.  
Even then advanced features like key sharing are iffy.

There are very pragmatic reasons that, eventually, almost all
organizations standardize on a specific client.