WKD proper behavior on fetch error

Erich Eckner gnupg at eckner.net
Sun Jan 17 10:48:17 CET 2021


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Hi all,

On Thu, 14 Jan 2021, Werner Koch via Gnupg-users wrote:

> On Thu, 14 Jan 2021 01:47, Ángel said:
>
>> I understand this to mean it as "only use the direct method if the
>> required sub-domain does not exist", with the SHOULD meaning that the
>> direct method is not required (not sure why, I would have probably used
>
> Right.  The subdomain is actually a workaround for SRV RR.  We can't
> use the latter in browser based implementation and thus need to resort
> to this hack.

Forgive my ignorance, but can someone explain, what "browser based 
implementation" of WKD exists (or might exist) and/or why this is 
desirable?

Shouldn't the WKD draft rather give the WKD implementation the 
responsibility to use a proper dns client library? I assume other 
protocols (which allow SRV records to redirect requests) do this (xmpp, 
irc, ...)?

regards, Erich

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEE3p92iMrPBP64GmxZCu7JB1Xae1oFAmAEB+IACgkQCu7JB1Xa
e1oQwg/9FXVLP3RCDVsSERDwF1LV/nDx9xRJZSWixyxG+v5huW/jxT1C4xdJ4M8P
6dB/4I1CQSNd4c9/MflG3wOjKR+lA1RmtiXYX2ocK2armjNf0nHoFNCqlDs87AdI
kQUm9YBwPsNeSmzZb1DnbV0oU2y0Yv7EcxJygByR7G1WSPjnxyiwXtuu5e6Lpw96
06kyEf0+jyg7x7mn0F3FseQCyBwC9pYbm57Irm+KpCAoLVtPenWdq87R1Ypp4Ez4
nJyrzaC/h2MVXGHZcGb5fBqBYJAKgY9pIQOJ005NLiPW4K2o7mrPOT/DGNOvom8H
+NjtoMKY+Iypp5OOd1juYk/p5yan65H9WWqaiLLhORd+1WENffpHwkClJqCr1Nj4
zxcyxUIuhe8EIWLqmPGW4h/40KmDzJJiFNTASV5ZlI6l2cZPeRLOLbre/yyBvRtB
EiF5lMV2iytepRntblEmFT4CVPdGNYchY8Um5PklGWp59n3zCvJ0hJyhqPwBTKNL
4WFG/raUgdTkQJZlAi+NLGt3oFzycKPqBkaXn5ArYgmgTsUKNqUp8+5OxStbKyG2
9ZEFwzrkpuK1LtuW8xf9RIlqhfnS0IuGkgKE/ZPZl3hI+sT30Isv++4PyNeNFQ9C
64LWYkEEgPNUB70Gv+PFjKku9fv8YIROiFkXJqZ/Iq7a5ngd/48=
=xq9S
-----END PGP SIGNATURE-----


More information about the Gnupg-users mailing list