Web Key Directory
Werner Koch
wk at gnupg.org
Fri May 13 21:11:55 CEST 2016
On Fri, 13 May 2016 17:03, guilhem at fripost.org said:
> 125 3. The provider checks that the received key has a User ID which
> 126 - matches an account name of the provider,
> 127 - and that the from address matches that account.
>
> In the second requirement, do you mean the (SMTP/LMTP) envelope from
> address, or the RFC 5322 From: header value? I don't really understand
The From: value from RFC-2822. For this purpose it is not really a
requirement but for attended use it is generally a good idea to match it
and print a warning. But you are right, it does not belong here.
> challenge to all matching addresses? (Also unlike Sender:, the From:
> header value can be set to multiple addresses.)
Thanks for reminding me about this; I renamed the "from" field in the
request and response to "sender" to make it clear that only one mailbox
is allowed.
> Also, it would be convenient to have the ability to filter out the
> confirmation requests client side. If the Content-Type value is
> registered and reserved for that use only one could use it as selector;
Yes, that is the idea. application/vnd.gnupg.wkd will be registered in
the vendor-tree as per RFC-6833. Given that the GnuPG Project controls
the gnupg.{org,net,com} domains there should never be a conflict with
the vendor name even without having done the registration.
Shalom-Salam,
Werner
--
Thoughts are free. Exceptions are regulated by a federal law.
/* Single-family house in Erkrath: https://alt-hochdahl.de/haus */
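
Added example, not part of the original message and not GnuPG code: a Python sketch of the two points discussed in this thread, selecting WKD mail by its Content-Type and treating a mismatched or multi-mailbox From: as a warning rather than a rejection. Function names, the example.org addresses and the payload are assumptions constructed for illustration; User IDs are passed in as strings rather than parsed from a key.

```python
from email.message import EmailMessage
from email.utils import getaddresses, parseaddr

WKD_TYPE = "application/vnd.gnupg.wkd"  # media type named in the thread

def has_wkd_part(msg):
    """Client-side selector: True if any MIME part carries the WKD type."""
    return any(p.get_content_type() == WKD_TYPE for p in msg.walk())

def from_mailboxes(msg):
    """All mailboxes in From: (the header may legally list several)."""
    return [a.lower() for _, a in getaddresses(msg.get_all("From", [])) if a]

def check_submission(msg, key_user_ids, accounts):
    """Return (account or None, warnings).

    Acceptance depends only on a key User ID matching a provider account;
    the From: comparison only yields warnings, as suggested for attended use.
    """
    uid_boxes = {parseaddr(u)[1].lower() for u in key_user_ids}
    # Simplification (assumption): if several User IDs match, take the first.
    matched = sorted(uid_boxes & {a.lower() for a in accounts})
    account = matched[0] if matched else None
    warnings = []
    senders = from_mailboxes(msg)
    if len(senders) != 1:
        warnings.append("From: does not name exactly one mailbox")
    elif account and senders[0] != account:
        warnings.append("From: mailbox differs from matched account")
    return account, warnings

def constructed_message(from_value, with_wkd=True):
    """Constructed sample: text body plus an optional WKD-typed attachment."""
    m = EmailMessage()
    m["From"] = from_value
    m["To"] = "key-submission@example.org"
    m.set_content("constructed sample body")
    if with_wkd:
        m.add_attachment(b"constructed placeholder payload",
                         maintype="application", subtype="vnd.gnupg.wkd")
    return m

if __name__ == "__main__":
    accounts = {"alice@example.org"}
    uids = ["Alice Example <alice@example.org>"]
    for frm in ("alice@example.org", "alice@example.org, bob@example.org"):
        m = constructed_message(frm)
        print(has_wkd_part(m), check_submission(m, uids, accounts))
```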