WKD: Subdomain openpgpkey
Christoph Klassen
christoph-klassen at mail.de
Fri Nov 12 14:35:48 CET 2021
On 09.11.21 08:33, Werner Koch wrote:
> No. If you get an IP address to connect to, the server exists. I'll
> add a note to the specs to clarify this.
It could also be that the DNS name can be resolved, but no web server
exists or the server is offline.
There are these cases:
*A request for a pubkey gets a response with status 200.
*A request for a pubkey gets a response, but with a negative status like
404.
*A request isn't successful because of a NetworkError. In this case it's
not possible to say, if the DNS name couldn't be resolved or if there is
not web server.
A suggestion is that the direct method will be only used, if the third
case occures. Resolving DNS names would make it more difficult to
implement WKD (which was thought of as an easy solution to retrieve
pubkeys) and maybe it's not always possible. For example I'm not sure,
if extensions for internet browsers can do this.
Greetings,
Christoph
More information about the Gnupg-devel
mailing list