WKD was Remove public key from keyserver
stefan.claas at posteo.de
Tue Jan 16 20:41:42 CET 2018
On Tue, 16 Jan 2018 19:51:17 +0100, Werner Koch wrote:
> We definitely want to refine some things there but that requires a
> wider deployment.
I will for sure follow the WKD development and hope that also more
mail providers will offer a WKD service.
> > i have with posteo's WKD implementation is that their policy is
> > pretty strict, which i personally don't like and i told them so. I
> > would like
> Posteo does only allows the mail address (addr-spec) and no real name
> in the key for data protection reasons. Thus a
> $ wget -O- posteo.de/.well-known/openpgpkey/policy 2>/dev/null
> # Policy for draft-koch-openpgp-webkey-service-04
> shows this policy flag. If you upload your key using a tool employing
> gpg-wks-client (e.g. Kmail or Enigmail) this policy will be detected
> and if a plain addr-spec only user0id does not exists a new user-id
> will be created and sent to posteo.
> The real problem with Posteo is that they use invalid certificates for
> all but the posteo.de domain. Thus my posteo.net account does not
> work because they redirect to posteo.de but do not include posteo.net
> in the certificate for the initial access to posteo.net. Bummer.
Thanks for the information, much appreciated!
More information about the Gnupg-users