WKD documentation (Re: Testing WKD setup?)
Wiktor Kwapisiewicz
wiktor at metacode.biz
Tue Jul 9 20:51:41 CEST 2019
Hi Bernhard,
On 09.07.2019 16:47, Bernhard Reiter wrote:
>> Once upon
>> a time I mailed random PGP-using people asking if they'd consider
>> setting it up and the feedback has been overwhelmingly positive.
>
> Cool, if you receive answer, please help us to keep the list of supporting
> organisations growing at https://wiki.gnupg.org/WKD
> (We'd have to move it to a subpage soon.)
You can also add Debian there and occrp.org (although the latter doesn't
have policy file :().
I think Linux distributions are particularly good target for WKD - they
can manage their developer's keys. They use HTTPS and usually developers
have e-mail aliases at the distro domain. Additionally now with GnuPG
2.2.17 they can easily make first signature verification faster by
utilizing Signer's UID packet (--sender option).
(As a side note, I did contact two distros with that in mind and one of
them, I'll share this openly: Gentoo - did handle it in a very
professional matter enabling WKD for developers in days and keeping me -
an outsider - in the loop for the whole time. I'm still impressed by
their execution!)
>> No problem! I actually also implemented WKD in a couple of projects in
>> three different languages (OpenKeychain, OpenPGP.js, initial support in
>> Mailpile,
>
> Cool! Anything more you can share?
I'll think about it, this was just the most pleasant experiences I had
in contributing (in no particular order!). I've got a small to-do list
for project that I still want to contribute WKD support but sadly I'm
out of time currently :-/
>> I did have a patch for mutt but they didn't like the idea :))
>
> Do you have a link to your upstream submission? Maybe others users can help to
> state their interest?
Sure, take a look at the thread starting here:
http://lists.mutt.org/pipermail/mutt-dev/Week-of-Mon-20180702/000157.html
(The patch is not there but it's basically setting external locate
mechanism in gpgme so, except one bugfix that I also found, it would be
a one-liner).
From what I can see Werner also planned to add that but I don't know
how it ended up:
http://lists.mutt.org/pipermail/mutt-dev/Week-of-Mon-20181119/000246.html
> Did you also give it to https://neomutt.org/?
Neomutt deferred to Mutt's mailing list, see:
https://github.com/neomutt/neomutt/issues/1282#issuecomment-411401300
On the bright side I've seen other TUI mail clients planning to add WKD
support e.g. Aerc (homepage: https://aerc-mail.org/), author's opinion
on WKD: https://news.ycombinator.com/item?id=20091100
Kind regards,
Wiktor
--
https://metacode.biz/@wiktor
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 919 bytes
Desc: OpenPGP digital signature
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20190709/b1303e0f/attachment.sig>
More information about the Gnupg-users
mailing list