WKD spec, draft 05

Werner Koch wk at gnupg.org
Fri Jan 5 13:13:37 CET 2018

On Thu,  4 Jan 2018 17:13, bernhard at intevation.de said:

> Just saw today that you have published a v05 of
> https://datatracker.ietf.org/doc/draft-koch-openpgp-webkey-service

The old version was about to expire thus I published a revision.

> * What is a good way to track the development of the draft?
>   Does the IETF offer a tool to send me an email if a new revision is
>   published? Could you drop me (and the devel-list) an email if a new

I don't think so.  It is recorded at the WG page

But note that the latest rfc4880bis draft -03
is no longer recorded there.  I assume this is because the IETF closed
the WG (but not the mailing list).

> * The new requirement for serving WELLKNOWN/policy to be able to detect
>   the existence of the service makes sense to me. Especially because I believe

GnuPG uses it to detect whether a domain supports WKD at all.  Since the
last release Dirmngr caches this info but needs a way to check whether
it is supported at all.

>   that the draft should state that the server MUST prevent walking
>   the list of available pubkeys for privacy reasons, for instance by disabling
>   the directory display function of a web server.

These are public keys and testing for their existence is trivial as it
is with all mail addresses.  If someone wants to add an index file for
this it is at their discretion and we should not impose a restriction on
this.  A SHOULD NOT would be okay, though.

> * There is a typo in v05:

Fixed.  Thanks.



Thoughts are free.  Exceptions are regulated by a federal law.
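
The lookup order discussed in this message (policy file first to see whether the domain offers WKD at all, then the key itself), as an added example that is not part of the original message and is not GnuPG's code. The URL layout and the SHA-1 plus z-base-32 hashing of the local part follow the WKD draft's direct method; `lookup`, `fetch` and the `SERVER` table are hypothetical names, and the server contents are constructed.

```python
import hashlib

ZBASE32 = "ybndrfg8ejkmcpqxot1uwisza345h769"  # z-base-32 alphabet


def zbase32_sha1(data: bytes) -> str:
    """SHA-1 digest (160 bits) rendered as 32 z-base-32 characters."""
    n = int.from_bytes(hashlib.sha1(data).digest(), "big")
    # 160 bits split into 32 groups of 5 bits, most significant first.
    return "".join(ZBASE32[(n >> shift) & 31] for shift in range(155, -1, -5))


def wkd_urls(address: str) -> tuple:
    """Return (policy_url, key_url) for a mail address, direct method."""
    local, _, domain = address.rpartition("@")
    if not local or not domain:
        raise ValueError("not a mail address: %r" % address)
    # Only ASCII upper case is folded before hashing the local part.
    folded = "".join(c.lower() if c.isascii() else c for c in local)
    base = "https://%s/.well-known/openpgpkey" % domain.lower()
    return base + "/policy", base + "/hu/" + zbase32_sha1(folded.encode("utf-8"))


def lookup(address: str, fetch) -> str:
    """fetch(url) -> HTTP status code; injected so the example runs offline."""
    policy_url, key_url = wkd_urls(address)
    if fetch(policy_url) != 200:
        return "no-wkd"          # domain does not offer WKD; cacheable result
    return "key-published" if fetch(key_url) == 200 else "no-key"


# Constructed server state: directory listing is off (hu/ itself is 404),
# yet a key for a known address is found by computing its hashed file name.
_policy, _key = wkd_urls("Joe.Doe@Example.ORG")
SERVER = {_policy: 200, _key: 200}


def fetch(url: str) -> int:
    return SERVER.get(url, 404)


if __name__ == "__main__":
    for addr in ("joe.doe@example.org", "nobody@example.org", "a@example.net"):
        print(addr, "->", lookup(addr, fetch))
```

Because the file name is a deterministic function of the address, disabling the directory display hides only addresses the requester does not already know.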