WKD: Publishing a key for multiple user IDs

David Bürgin dbuergin at gluet.ch
Mon Jul 15 18:03:23 CEST 2019


Under ‘security considerations’ the current WKD draft says:

> The mail provider MUST make sure to publish a key in a way that only the
> mail address belonging to the requested user is part of the User ID
> packets included in the returned key. Other User ID packets and their
> associated binding signatures NUST be removed before publication.

So if I have two email addresses/user IDs me at my.org and me2 at my.org
associated with the same key, I cannot just export the key and publish
it, right? I have to somehow publish two different ‘stripped’ public
keys.

Is there documentation somewhere how to produce the keys for both these
user IDs with GnuPG? (I don’t think the Python generate scripts do this
properly, or do they?)

Cheers,


-- 
David
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20190715/1ecb36fc/attachment.sig>


More information about the Gnupg-users mailing list