Web Key Directory

Damien Goutte-Gattat dgouttegattat at incenp.org
Fri May 6 15:29:12 CEST 2016

On 05/06/2016 10:22 AM, Werner Koch wrote:
> A draft specification can be found at
> https://tools.ietf.org/id/draft-koch-openpgp-webkey-service-00.txt

Is this list (gnupg-devel) appropriate for discussing this draft, or 
should discussions take place elsewhere (e.g., on a IETF list)?

There seems to be a contradiction between this paragraph (at the 
beginning of Section 4):

   She sends her key using SMTP [...]. The content-type SHOULD be
   "application/pgp-key" and the key being a binary attachement
   (which is then likely base64 encoded).  Note that the OpenPGP
   ASCII armor is not used.

and this one (Section 4.2):

   The mail used to submit a key to the mail provider MUST comply
   to the PGP/MIME specification (RFC 3156, section 7), which states
   that the Content-Type must be "application/pgp-keys", there are
   no required or optional parameters, and the body part contains
   the ASCII-armored transferable Public Key Packets as defined in
   RFC 4880, section 11.1.

So, should the key be wrapped in the OpenPGP ASCII armor, or simply 
encoded in base64?

I also presume the "application/pgp-key" (singular) in the first 
paragraph is a typo, and should be read "application/pgp-keys", since 
there is no "application/pgp-key" defined in RFC 3156. Is that correct?


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 455 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20160506/1af827ab/attachment.sig>

More information about the Gnupg-devel mailing list