A question about WKD

Wiktor Kwapisiewicz wiktor at metacode.biz
Sat Dec 29 20:18:54 CET 2018


On 29.12.2018 15:48, Stefan Claas wrote:
> Hi all,
> 
> is it also possible to add manually more pub keys to WKD
> or do I have to install WKS for that purpose?
> 
> I ask, because in case I like to add more users to my
> mail server.

Just create more files in the .well-known/openpgpkey/hu directory.

I didn't follow how you set it up initially but you can grab the file name
(hash) using this command:

$ gpg --with-wkd -k KEY

Substitute KEY with key ID or an email, etc.

For example, for me it prints the following line with the hash:

gebusffkx9g581i6ch4t3ewgwd6dctmp@metacode.biz

If you export the binary key to .well-known/openpgpkey/hu and name it
"gebusffkx9g581i6ch4t3ewgwd6dctmp" (no quotes, no extension, just like that)
then it would work.

WKS is not needed. Actually WKS is only needed when you want users to manage their keys
using their e-mail client. I know other people that manage WKD differently, e.g.
Gentoo has a strict set of known keys and they update their WKD directory with a
cron job (so developers update the key on keyservers and WKD is automatically
refreshed).

I did a small proof-of-concept checker for small deployments, that you may find
useful: https://metacode.biz/openpgp/web-key-directory

Kind regards,
Wiktor

-- 
https://metacode.biz/@wiktor
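
Added example, not part of the original message: a Python check for a manually maintained hu directory that reports addresses with no key file, files whose names match no expected address (for instance a stray extension), and files that are ASCII-armored instead of binary. It assumes the file-name rule from the WKD draft (z-base-32 of the SHA-1 of the ASCII-lowercased local part); the names wkd_hash and audit_hu_dir, the addresses and the file contents are constructed for illustration.

```python
import hashlib
import string
import tempfile
from pathlib import Path

ZBASE32 = "ybndrfg8ejkmcpqxot1uwisza345h769"  # z-base-32 alphabet
ASCII_LOWER = str.maketrans(string.ascii_uppercase, string.ascii_lowercase)

def wkd_hash(email):
    """WKD file name: z-base-32 of SHA-1 of the ASCII-lowercased local part."""
    local = email.rsplit("@", 1)[0].translate(ASCII_LOWER)
    n = int.from_bytes(hashlib.sha1(local.encode("utf-8")).digest(), "big")
    # 160 digest bits become 32 groups of 5 bits, most significant first.
    return "".join(ZBASE32[(n >> s) & 31] for s in range(155, -1, -5))

def audit_hu_dir(hu_dir, emails):
    """Return (missing, stray, armored) for a hu directory and expected addresses."""
    expected = {wkd_hash(e): e for e in emails}
    files = {p.name: p for p in Path(hu_dir).iterdir() if p.is_file()}
    missing = sorted(e for h, e in expected.items() if h not in files)
    stray = sorted(set(files) - set(expected))  # wrong name, extension, old user
    armored = sorted(name for name, p in files.items()
                     if p.read_bytes().startswith(b"-----BEGIN PGP"))
    return missing, stray, armored

if __name__ == "__main__":
    # Constructed demo: placeholder bytes stand in for exported keys.
    users = ["alice@example.org", "bob@example.org", "carol@example.org"]
    with tempfile.TemporaryDirectory() as d:
        hu = Path(d)
        (hu / wkd_hash(users[0])).write_bytes(b"\x99\x01")
        (hu / (wkd_hash(users[1]) + ".asc")).write_bytes(
            b"-----BEGIN PGP PUBLIC KEY BLOCK-----\n")
        missing, stray, armored = audit_hu_dir(hu, users)
        print("no key file for:", missing)
        print("unexpected file names:", stray)
        print("armored, should be binary:", armored)
```

Point hu_dir at the web root's .well-known/openpgpkey/hu and pass the list of mail accounts to run the same check against a real deployment.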


