[git] gnupg-doc - branch, preview, updated. 541cbcfea631a722644d289dc701d235281e4b23

by Kai Michaelis cvs at cvs.gnupg.org
Tue Aug 1 14:21:33 CEST 2017 

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GnuPG website and other docs".

The branch, preview has been updated
       via  541cbcfea631a722644d289dc701d235281e4b23 (commit)
      from  7cfa1520d7a4169e2524ac912cca3714e79abba0 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 541cbcfea631a722644d289dc701d235281e4b23
Author: Kai Michaelis <kai at gnupg.org>
Date:   Tue Aug 1 14:19:27 2017 +0200

    blog: Web Key in Engimail

diff --git a/misc/blog.gnupg.org/20170807-web-key-in-engimail.org b/misc/blog.gnupg.org/20170807-web-key-in-engimail.org
new file mode 100644
index 0000000..7c9c3ba
--- /dev/null
+++ b/misc/blog.gnupg.org/20170807-web-key-in-engimail.org
@@ -0,0 +1,20 @@
+# Using the Web Key Service with Enigmail
+#+STARTUP: showall
+#+AUTHOR: Kai
+#+DATE: August 7, 2017
+
+** Using the Web Key Service with Enigmail
+
+   Obtaining the key of someone has always being a major pain point of using GnuPG. OpenPGP doesn't "outsource" trust management by using a PKI. Instead it allows each user to decide whom to trust. This has the downside that we need to evaluate whenever we can trust a new key for each novel communication partner. Until recently there wasn't an automatic way to get the key of someone you never communicated with.
+
+   The [[Web Key Service]](https://tools.ietf.org/id/draft-koch-openpgp-webkey-service-03.html) and the new ~--auto-key-retrieve~ & ~--auto-key-locate~ available in recent versions of GnuPG.
+
+*** Web Key Service
+
+    The Web Key Service is a protocol to publish OpenPGP keys via mail and retrieve others keys using HTTPS. The advatage over HKPS is that every email provider maintains its own key server (called Web Key Directory, WKD) that is authorative for all its users. This means that,
+
+		1. There exists only one key server for a given email address. No need to ask multiple servers as with HKPS.
+
+		2. When publishing a key using mail, WKD makes sure the sender is in possesion of the secret key.
+
+		3. Mail providers can (and should) make sure

-----------------------------------------------------------------------

Summary of changes:
 misc/blog.gnupg.org/20170807-web-key-in-engimail.org | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)
 create mode 100644 misc/blog.gnupg.org/20170807-web-key-in-engimail.org


hooks/post-receive
-- 
The GnuPG website and other docs
http://git.gnupg.org

More information about the Gnupg-commits mailing list