WKD proper behavior on fetch error
juergen at bruckner.email
Sun Jan 17 22:13:23 CET 2021
Am 17.01.21 um 21:44 schrieb Stefan Claas:
> On Sun, Jan 17, 2021 at 9:40 PM Juergen Bruckner via Gnupg-users
> <gnupg-users at gnupg.org> wrote:
>> I can only agree with Andre's words.
> Perfectly fine for me if you take this route.
>> And as far as Sequoia is concerned, Stefen's explanations only confirmed
>> that this is software that I definitely don't want to use.
> You don't have to, because we live in a free world.
Yes we live in a free world, and you shouldn't forget this!
>> Software that accepts an invalid digital certificate as correct, has no
>> place in an environment where security and confidentiality are concerned.
>> This is an a b s o l u t e NO-GO.
> You talking nonsense while not knowing!
Thank you very much! I'll take that as compliment!
>> GnuPG doesn't have to change anything here.
>> The change MUST be made at Sequoia, preferably yesterday!
> Utterly nonsense, IMHO. sequoia-pgp, Mailvelope (supported by BSI
> and *audited*) and flowcrypt do all work with github.io pages! And you
> were not able to reply to me here if your WKD set-up for dummies worked
> for you. So much for that part...
If something, or a software ist supported by BSI and/or audited *does
not* say it is free of bugs or failures.
Your showcase with github.io also says nothing else than that Sequoia
considers an invalid certificate to be correct. That this happens in
audited software says just as much about the value of the audit.
And it's not 'my' setup for dummies, it was a general question because
most of the explanations are very specific and can pose major problems
for a 'beginner'.
I have been using WKD successfully in different versions for a long
time. The only thing that was new for me in this context is the
possibility of implementing WKD via the openpgp server using a CNAME entry.
/¯\ No |
\ / HTML | Juergen Bruckner
X in | juergen at bruckner.email
/ \ Mail |
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 3894 bytes
Desc: S/MIME Cryptographic Signature
More information about the Gnupg-users