Automatic WKD via

Bernhard Reiter bernhard at
Tue Mar 3 09:07:38 CET 2020

Hi Vincent,

Am Sonntag 02 Februar 2020 23:36:42 schrieb Vincent Breitmoser via 
>  It works well for folks who want to
> publish their keys on WKD, but don't want to go through the hassle of
> maintaining the directory on their server. (like me, incidentally :)

it is good to have another possibility (if your mail provider is not yet 
providing one). 

Most people here understand that this has security drawbacks because it 
becomes a central keyserver with the ability to see whom tries to communicate 
with whom and a potential place to be monitored. Thus using a decentral way
to offer WKD seems to make the whole system more resilient and people using a 
decentral way via their mail provider a bit more secure.

How to we educate people about these significant drawbacks?
(And seriously shouldn't you set a good example and maintin the directory on 
your mail server? >;) It is just running one script in case your public key 

Am Montag 03 Februar 2020 00:55:52 schrieb Vincent Breitmoser via Gnupg-devel:
> is deployed for my address. You can test it with commands like:

> > gpg  --no-default-keyring --locate-keys --auto-key-locate
> > clear,nodefault,wkd look at

gives me
gpg: error retrieving 'look at' via WKD: No data
gpg: error reading key: No data
(probably because gnupg2 from Debian oldstable, fetching pubkeys from many 
other sources work though.)


--   +49 541 33 508 3-3
Intevation GmbH, Osnabrück, DE; Amtsgericht Osnabrück, HRB 18998
Geschäftsführer Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: This is a digitally signed message part.
URL: <>

More information about the Gnupg-devel mailing list