WKD was Remove public key from keyserver

Stefan Claas stefan.claas at posteo.de
Tue Jan 16 16:46:48 CET 2018

On Tue, 16 Jan 2018 08:52:44 +0100, Werner Koch wrote:
> On Mon, 15 Jan 2018 20:21, stefan.claas at posteo.de said:
> > O.k. Werner invented WKD which solves those problems, if i'm not
> > mistaken, but is it besides keybase.io widely deployed?  
> Nope.  The Web Key Directory solves exactly one problem: How to
> initially map a mail address to a key.  This directory is hosted by
> the provider of the mail address because that is the only entity which
> controls the mail address.  

O.k. thanks for the clarification!

> Once this mail address has been mapped  keyservers can be used to get
> revocations and updates of the key.

This part i do not understand... i send the rev cert or my updated key
again to WKD and then i can search a regular key server for the updated

> Unfortunately it is not yet widely supported; you can help to make it
> better known.

Well, i really would like to promote WKD at other places. The problem
i have with posteo's WKD implementation is that their policy is pretty
strict, which i personally don't like and i told them so. I would like
to see a mail provider using WKD which allows the user to use his
certified key.



More information about the Gnupg-users mailing list