Please tackle the Right Thing (was: WKD Checker)

Werner Koch wk at
Tue Jan 19 11:11:52 CET 2021


It has been mentioned several time here that the use of the openpgpkey
sub-domain is required to allow implementation of the Web Key Directory
in browsers.  This is a real world use case and pretty important for web
mailers like protonmail.

I would suggest that you put your energy on a useful task instead of
confusing people here with crude arguments why we should support invalid
X.509 certificates for TLS connections.

Thus go for Google and Mozilla and convince them that SRV records are
important for many applications.  That is not just for the Web Key
Directory but also for XMPP clients in a browser and many other modern
protocols.  After that as been achieved we can eventually migrate back
to SRV records.



Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 227 bytes
Desc: not available
URL: <>

More information about the Gnupg-users mailing list