WKD proper behavior on fetch error

Ángel angel at pgp.16bits.net
Sun Jan 17 14:47:19 CET 2021

On 2021-01-17 at 10:48 +0100, Erich Eckner wrote:
> Hi all,
> On Thu, 14 Jan 2021, Werner Koch via Gnupg-users wrote:
> > On Thu, 14 Jan 2021 01:47, Ángel said:
> >
> >> I understand this to mean it as "only use the direct method if the
> >> required sub-domain does not exist", with the SHOULD meaning that the
> >> direct method is not required (not sure why, I would have probably used
> >
> > Right.  The subdomain is actually a workaround for SRV RR.  We can't
> > use the latter in browser based implementation and thus need to resort
> > to this hack.
> Forgive my ignorance, but can someone explain, what "browser based 
> implementation" of WKD exists (or might exist) and/or why this is 
> desirable?
> Shouldn't the WKD draft rather give the WKD implementation the 
> responsibility to use a proper dns client library? I assume other 
> protocols (which allow SRV records to redirect requests) do this
> (xmpp, 
> irc, ...)?
> regards, Erich

Hi Erich

I think that would be an implementation such as https://encrypt.to/ or
a wemail that wanted to only source openpgp.js, without needing to set
up a server-side gateway to resolve SRV records.



More information about the Gnupg-users mailing list