WKD spec, draft 05
bernhard at intevation.de
Thu Jan 4 17:13:16 CET 2018
a happy new year to you and all GnuPG people!
Just saw today that you have published a v05 of
(I like the diff tool  to check changes.)
* What is a good way to track the development of the draft?
Does the IETF offer a tool to send me an email if a new revision is
published? Could you drop me (and the devel-list) an email if a new
revision is there?
* The new requirement for serving WELLKNOWN/policy to be able to detect
the existence of the service makes sense to me. Especially because I believe
that the draft should state that the server MUST prevent walking
the list of available pubkeys for privacy reasons, for instance by disabling
the directory display function of a web server.
Can you add the statement to the next revision?
Rationale for suggesting: MUST over SHOULD:
I can see usecases where re-using the
.well-known/openpgpkey/hu/ as way to publish all OpenPGP pubkeys
at once, but I'd say that this is the exceptional case and there are better
methods of publishing a set of pubkeys, e.g. by using a single file with
serveral pubkeys or by generating a HTML page with all email addresses.
* There is a typo in v05:
The file contains keywords and optioanlly values
probably should be
The file contains keywords and optional values
www.intevation.de/~bernhard +49 541 33 508 3-3
Intevation GmbH, Osnabrück, DE; Amtsgericht Osnabrück, HRB 18998
Geschäftsführer Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 473 bytes
Desc: This is a digitally signed message part.
More information about the Gnupg-devel