The "advanced" URL of openpgp-webkey-service-07, and l=

justina colmena justina at
Tue Feb 12 21:00:17 CET 2019

On February 11, 2019 4:04:31 AM AKST, Alessandro Vesely <vesely at> wrote:
>I just saw version -07 today.  The advanced method:
>doesn't seem to make much sense to me.  I tried it with, and
>ale at pcale:~/tmp$ dig +short
>ale at pcale:~/tmp$ curl --head
>curl: (51) SSL: no alternative certificate subject name matches target
>host name ''
>The subdomain is probably a star (*) DNS record.  However, their
>certificate's Subject Alt Name doesn't have a star, but a list of
>subdomains.  Certificates cost, albeit not much, so the need to set up
>a new subdomain may hamper implementation.
>I'm unable to get the "flexibility in setting up the Web Key Directory
>in environments where more than one mail domain is hosted".  Say I host
>A.example and B.example.  Then I need to set up both subdomains
>openpgpkey.A.example and openpgpkey.B.example.  Internally, they can be
>redirected in a number of ways, but the server should hold the
>HTTP_HOST anyway.  To repeat tha mail domain between .well-known and
>openpgpkey doesn't seem to help much.
>The openpgpkey folder can be implemented by plain files named after the
>32 byte string and containing the key to be served.  The l= parameter
>would just be discarded in that case.  Otherwise, if the server side
>script is cute, should it verify whether the value of the parameter
>interpreted as a local part matches the 32 byte string?  What if they
>don't match?  To urlencode the local part might have been easier than
>Z-encoding its SHA1, but what's the point of doing both?
>Gnupg-users mailing list
>Gnupg-users at

Certificates COST, do they?

Should a * star certificate COST so infinitely much, then?

WELLKNOWN := Check the sex offender registry list, grab a guy by short and curlies, dig in with your fingernails, and give a sharp twist to the left, or something like that.

Is that what those Russian ladies from NGINX call a "leftist" programming style?
Una Milicia bien regulada, estando necesaria a la seguridad de un Estado libre, el derecho del pueblo de tener y de portar Armas, no será infringido.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 683 bytes
Desc: not available
URL: <>

More information about the Gnupg-users mailing list