WKD documentation (Re: Testing WKD setup?)

Wiktor Kwapisiewicz wiktor at metacode.biz
Tue Jul 9 15:50:01 CEST 2019


Hi Bernhard,

On 09.07.2019 15:02, Bernhard Reiter wrote:
> Note that on Wiktor's page a few details are missing:
>   * policy file is needed
>   * directory listing strongly recommend to be off
>   * minimum version of gpg that has --with-wkd (some versions don't).

Policy file is checked during WKD check (and I saw the original poster 
did set it up). Checking directory listing would be an interesting thing 
to add! (Although this would be only heuristic).

--with-wkd gpg version is definitely good thing to add, thanks for the idea!

> BTW, last week we've updated
>    https://wiki.gnupg.org/WKDHosting
> with a how to use gpg-wks-client on Gnu and Windows systems
> to create a flat file structure.

What I like in WKD most is that it's a super-simple standard. Once upon 
a time I mailed random PGP-using people asking if they'd consider 
setting it up and the feedback has been overwhelmingly positive. The 
only thing I needed was basically the local-part hash and actually 
that's what I built the checker for, to generate the URL in an easy way, 
even without GPG.

--with-wkd mentioned by Alyssa is what I used previously and it was good 
but ultimately I've become too lazy to use even that :)

As Phil mentioned the checker has not been updated to latest specs and 
gives warnings for issues that I think should be part of the spec (I 
mentioned them on the OpenPGP mailing list but did not receive any 
feedback from the I-D author).

> Best Regards,
> Bernhard
> ps.: Thanks Wiktor for explaning WKD
> 

No problem! I actually also implemented WKD in a couple of projects in 
three different languages (OpenKeychain, OpenPGP.js, initial support in 
Mailpile, I did have a patch for mutt but they didn't like the idea :)), 
so the I-D looks solid!

 > I thought you'd be interested in the
 > feedback. :)

Yep, thanks for the CC, I'm not subscribed to the ML at all times!

See you later!

Kind regards,
Wiktor

-- 
https://metacode.biz/@wiktor

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 919 bytes
Desc: OpenPGP digital signature
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20190709/ee3d67a4/attachment.sig>


More information about the Gnupg-users mailing list