WKD: User ID filtering

Wiktor Kwapisiewicz wiktor at metacode.biz
Thu Jun 21 11:02:28 CEST 2018


>> It can be read out and will eventually be used for key validation
>> heuristics.  Option --with-key-origin and in the --with-colons output
>> fields 19 and 20 of uid and pub records.
> In gpgme it is also available since 1.10.0 ;-)

I will check this out, thanks for the info! :)

>>> Because fetching via WKD at least "validates" the e-mail part and this
>>> information is useful.
> As an example, I'm using that flag for "Automatic Encryption" in GpgOL. It will
> see a userid as acceptable for automatic encryption if it has either marginal
> validity (when TOFU is not used) or if it came from WKD.

Yes! That's a very good idea! Actually I was thinking about the same but 
for EnigMail. WKD provides a good basis for initial contact encryption.

Have you thought about extending it even further? For example if someone 
types an unknown e-mail, presses Enter, the GpgOL could see if there is 
a key available via WKD and if so, fetch it and enable encryption 
entirely automatically!

Kind regards,


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <https://lists.gnupg.org/pipermail/gnupg-devel/attachments/20180621/60c48733/attachment.sig>

More information about the Gnupg-devel mailing list