WKD & Sequoia

André Colomb andre at colomb.de
Wed Jan 13 17:32:11 CET 2021


Hi Stefan,

On 13/01/2021 17.07, Stefan Claas wrote:
> On Wed, Jan 13, 2021 at 10:22 AM André Colomb <andre at colomb.de> wrote:
> 
>> So the core problem, as with Stefan's case, is the lack of control over
>> the domain's DNS settings.  Which the WKD mechanism relies upon to
>> delegate trust to the domain operators.
> 
> Hi Andre, I wouldn't formulate it this way. I already mentioned that I am able
> to set up for my 300baud.de domain a couple of droplets and use as suggested
> a valid wildcard subdomain cert, like I explained with the bund.de example and
> I am pretty sure that GnuPG and gpg4win will then fail, same as with GitHub.

Sorry, I have no clue what is configured, what works and what should
work regarding WKD on your 300baud.de setup.  Can we please stick to one
real example, not something made up about bund.de?

What are droplets?  For which domain did you generate a wildcard
certificate?  What are the DNS settings on that domain?  I could take a
look at what responses are returned from the real domain, but need some
information at least which OpenPGP user ID should be fetchable over WKD
from that domain.  If you're even interested in learning about how to
set up WKD properly.

Kind regards
André

-- 
Greetings...
From: André Colomb <andre at colomb.de>

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20210113/b20a890b/attachment.sig>


More information about the Gnupg-users mailing list