distributing pubkeys: autocrypt, hagrid, WKD
wiktor at metacode.biz
Tue Jul 2 22:37:31 CEST 2019
On 02.07.2019 21:40, Konstantin Ryabitsev wrote:
> Most subkey changes that I am aware of are not due to people's old
> subkeys expiring, but because they add new ones for reasons like
> migrating between smartcard solutions or just being nerdy and picking a
> new ECC-based subkey.
> When this happens, a maintainer who tries to verify a signed pull
> request will have the operation fail, so they need to have a way to
> force-refresh the developer's key.
Do you mean something simpler than :
gpg --auto-key-locate clear,wkd,nodefault --locate-key torvalds at kernel.org
Trying key lookup over WKD if the subkey is missing locally (but primary
key is present) would be a good idea. I've seen some really weird errors
in that case .
If the primary key used short expiration  the refresh would be
automatic but not many people like to prolong expirations every couple
More information about the Gnupg-users