WKD: returns only one pubkey (and why)

Ingo Klöcker kloecker at kde.org
Wed Dec 14 09:55:30 CET 2022


On Dienstag, 13. Dezember 2022 22:32:59 CET Dashamir Hoxha via Gnupg-devel 
wrote:
> Does it make sense to look for a public key by its id?

For WKD? No, it doesn't. For (at least) two reasons:
a) A major idea of WKD is that the owner of a domain is trustworthy and 
therefore you can put initial trust in the keys retrieved for email addresses 
for this domain.
b) How would you know which of the thousands (millions?) of domains to ask for 
the key by id?

WKD is not a replacement for keyservers. It's an addition which eases the 
lookup of encryption keys by email address.

Regards,
Ingo
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 228 bytes
Desc: This is a digitally signed message part.
URL: <https://lists.gnupg.org/pipermail/gnupg-devel/attachments/20221214/99bf2a04/attachment.sig>


More information about the Gnupg-devel mailing list