WKD proper behavior on fetch error

Stefan Claas spam.trap.mailing.lists at gmail.com
Sat Jan 16 02:20:17 CET 2021


On Sat, Jan 16, 2021 at 1:45 AM raf via Gnupg-users
<gnupg-users at gnupg.org> wrote:

> But there is no certificate that covers that sub-sub-domain.
> That's why browsers complain if you go to
> https://openpgpkey.sac001.github.io/.

A quick question, if you don't mind. Why do people here on this ML
insist on a sub-sub domain, named openpgpkey? Have you
ever maintained a web server? I am not using the html protokoll
that much, but for me the openpgpkey part in, the for me fictious, URL,
causes this error, because GnuPG or gpg4win is looking for this.

I ask, because for me the proper URL would be:

https://sac001.github.io/.well-kown/openpgpkey/etc..

And therefore I see absolutely no reason why GitHub or anybody
else should change their valid SSL cert(s) or do elsewhere some
mumbo jumbo, so to speak.

And even if people had to set-up this extra steps for the advanced
method than at least there is still some room for explaining while
then using also the direct method, or not, because of the name
'advanced', which tells me it has higher priotity than direct.

I must say good night now.

Best regards
Stefan



More information about the Gnupg-users mailing list