A question about WKD

Dirk Gottschalk dirk.gottschalk1980 at googlemail.com
Tue Jan 1 18:48:42 CET 2019


Hello Stefan.

Am Dienstag, den 01.01.2019, 13:19 +0100 schrieb Stefan Claas:
> On Sat, 29 Dec 2018 20:18:54 +0100, Wiktor Kwapisiewicz via Gnupg-
> users wrote:
> > On 29.12.2018 15:48, Stefan Claas wrote:
> > > Hi all,

> > Just create more files in .well-known/openpgpkey/hu directory.

> since my current WKD key is a temporary key i would like to know
> for best practice the following:

> In a couple of days i will receive my Kanguru Defender 3000 USB stick
> and then i will create a new key pair and put it on the stick, along
> with other things. This key will then also be signed by Governikus.

> Because WKD currently does not cover revocation certs i would like
> to know how to continue. Should i upload then my revoked temp
> key to SKS or should i simply replace the keys. If possible i would
> like to avoid SKS usage in the future.

> Does GnuPG detects when i use a new WKD pub key, once i signed
> a new message?

I would at least publicate the revocation via the SKS servers.

GPG searches all keys on the SKS-Servers, regardless of their origin.
So during a refresh the revocation is added to the keyring, AFAIK.

Regards,
Dirk

-- 
Dirk Gottschalk
Paulusstrasse 6-8
52064 Aachen, Germany

GPG: DDCB AF8E 0132 AA54 20AB  B864 4081 0B18 1ED8 E838
Keybase.io: https://keybase.io/dgottschalk
GitHub: https://github.com/Dirk1980ac

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: This is a digitally signed message part
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20190101/6a374dee/attachment.sig>


More information about the Gnupg-users mailing list