The "advanced" URL of openpgp-webkey-service-07, and l=
justina at colmena.biz
Tue Feb 12 21:00:17 CET 2019
On February 11, 2019 4:04:31 AM AKST, Alessandro Vesely <vesely at tana.it> wrote:
>I just saw version -07 today. The advanced method:
>doesn't seem to make much sense to me. I tried it with posteo.de, and
>ale at pcale:~/tmp$ dig +short openpgp.posteo.de
>ale at pcale:~/tmp$ curl --head
>curl: (51) SSL: no alternative certificate subject name matches target
>host name 'openpgp.posteo.de'
>The subdomain is probably a star (*) DNS record. However, their
>certificate's Subject Alt Name doesn't have a star, but a list of
>subdomains. Certificates cost, albeit not much, so the need to set up
>a new subdomain may hamper implementation.
>I'm unable to get the "flexibility in setting up the Web Key Directory
>in environments where more than one mail domain is hosted". Say I host
>A.example and B.example. Then I need to set up both subdomains
>openpgpkey.A.example and openpgpkey.B.example. Internally, they can be
>redirected in a number of ways, but the server should hold the
>HTTP_HOST anyway. To repeat tha mail domain between .well-known and
>openpgpkey doesn't seem to help much.
>The openpgpkey folder can be implemented by plain files named after the
>32 byte string and containing the key to be served. The l= parameter
>would just be discarded in that case. Otherwise, if the server side
>script is cute, should it verify whether the value of the parameter
>interpreted as a local part matches the 32 byte string? What if they
>don't match? To urlencode the local part might have been easier than
>Z-encoding its SHA1, but what's the point of doing both?
>Gnupg-users mailing list
>Gnupg-users at gnupg.org
Certificates COST, do they?
Should a * star certificate COST so infinitely much, then?
WELLKNOWN := Check the sex offender registry list, grab a guy by short and curlies, dig in with your fingernails, and give a sharp twist to the left, or something like that.
Is that what those Russian ladies from NGINX call a "leftist" programming style?
Una Milicia bien regulada, estando necesaria a la seguridad de un Estado libre, el derecho del pueblo de tener y de portar Armas, no será infringido.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 683 bytes
Desc: not available
More information about the Gnupg-users