diff --git a/app/controllers/web_key_directory_controller.rb b/app/controllers/web_key_directory_controller.rb
index 2809728..cc2e439 100644
--- a/app/controllers/web_key_directory_controller.rb
+++ b/app/controllers/web_key_directory_controller.rb
@@ -1,9 +1,10 @@
 class WebKeyDirectoryController < WellKnownController
   before_action :allow_cross_origin_requests
 
-  # /.well-known/openpgpkey/hu/:hashed_username(.txt)
+  # /.well-known/openpgpkey/hu/:hashed_username(.txt)?l=username
   def show
-    @user = User.find_by(cn: params[:l].downcase)
+    username = params[:l] || ""
+    @user = User.find_by(cn: username.downcase)
 
     if @user.nil? ||
        @user.pgp_pubkey.blank? ||
diff --git a/app/services/ldap_manager/update_display_name.rb b/app/services/ldap_manager/update_display_name.rb
index 85418d3..30ca606 100644
--- a/app/services/ldap_manager/update_display_name.rb
+++ b/app/services/ldap_manager/update_display_name.rb
@@ -6,7 +6,11 @@ module LdapManager
     end
 
     def call
-      replace_attribute @dn, :displayName, @display_name
+      if @display_name.present?
+        replace_attribute @dn, :displayName, @display_name
+      else
+        delete_attribute @dn, :displayName
+      end
     end
   end
 end
diff --git a/spec/requests/web_key_directory_spec.rb b/spec/requests/web_key_directory_spec.rb
index c7ef1f3..aa3fb63 100644
--- a/spec/requests/web_key_directory_spec.rb
+++ b/spec/requests/web_key_directory_spec.rb
@@ -9,6 +9,13 @@ RSpec.describe "OpenPGP Web Key Directory", type: :request do
     end
   end
 
+  describe "omitted 'l' param" do
+    it "returns a 404 status" do
+      get "/.well-known/openpgpkey/hu/fmb8gw3n4zdj4xpwaziki4mwcxr1368i"
+      expect(response).to have_http_status(:not_found)
+    end
+  end
+
   describe "non-existent user" do
     it "returns a 404 status" do
       get "/.well-known/openpgpkey/hu/fmb8gw3n4zdj4xpwaziki4mwcxr1368i?l=aristotle"