WKD question

Sat Aug 1 15:00:26 CEST 2020

Stefan Claas wrote:

> Damien Goutte-Gattat wrote:
>  
> > On Mon, Jul 27, 2020 at 10:00:07PM +0200, Stefan Claas wrote:
> > >For testing my new Nitrokey I have just install Enigmail for
> > >Thunderbird on a fresh Ubuntu system and when clicking on
> > >a signed message from a friend, which has properly set-up
> > >WKD Thunderbird/Enigmail can not fetch the pub key. :-(
> > 
> > Unless I missed something, I believe Enigmail will only attempt to 
> > automatically fetch a key from a Web Key Directory when *composing* a 
> > message (if there’s no key for the recipient in the local keyring), and 
> > *not* when checking a signature on a received message.
> > 
> > See that excerpt from Enigmail 2.0 changelog [1]:
> > 
> > > Support for Web Key Directory (WKD) is implemented. Enigmail will try 
> > > to download unavailable keys during message composition from WKD.
> 
> Ah, ok, thanks. I thought it will fetch also automatically when checking
> signatures.
> 
> > You can force GnuPG to try to fetch a missing key when verifying a 
> > signature by enabling the --auto-key-retrieve option (please read the 
> > note about the “web bug” in gpg’s man page before doing so—that option 
> > is disabled by default for a reason.)
> 
> I enabled it now and it works. :-)

One more question, I tried to verify Werner's signature, from postings here
on the ML, but his signature could not be verified, due to a missing pub key
(0xFF80AE9D1DEC358D). But when looking at Wiktor's WKD checker a key is present,
but with a different Fingerprint.

https://metacode.biz/openpgp/web-key-directory

Regards
Stefan

-- 
my 'hidden' service gopherhole:
gopher://iria2xobffovwr6h.onion
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 805 bytes
Desc: Digitale Signatur von OpenPGP
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20200801/82cda18f/attachment.sig>