Feedback requested: GnuPG lookup and retrieval of PGP certificates via DNS
samir at samirnassar.com
Tue May 17 18:00:19 CEST 2016
I put together a short 1-page document of around 300 words to illuminate
the mechanics to a group of friends of the new key lookup via PKA and
The document is available in PNG format at
https://beta.samirnassar.com/pgpdns/latest.png and please don't bookmark
the URI for long-term use. It is not a cool URI(2).
I used "Publishing Keys in DNS(3)" by Damien Goutte-Gattat as a reference.
I did not use the OPENPGPKEY RR type since it is not implemented in my
DNS server yet(4). I used TYPE37 for PKA and TYPE61 for DANE.
If you have comments, concerns, additions, detractions, denouncements,
or applause, the document and a sufficiently recent version of GnuPG
should help you find a way to share this with me. If you decide to reply
to the mailing list, keep in mind that it is a public list and to be
considerate of the others on this list.
 I know, I know: I am not using DNSSEC.
 Cool URIs don't change: https://www.w3.org/Provider/Style/URI.html
 Publishing Keys in DNS: https://incenp.org/notes/2015/keys-in-dns.html
 Knot DNS features:
email: samir at samirnassar.com
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 819 bytes
Desc: OpenPGP digital signature
More information about the Gnupg-users