WKD proper behavior on fetch error

Stefan Claas spam.trap.mailing.lists at gmail.com
Tue Jan 19 19:06:41 CET 2021


On Tue, Jan 19, 2021 at 1:14 PM Werner Koch via Gnupg-users
<gnupg-users at gnupg.org> wrote:
>
> On Tue, 19 Jan 2021 09:28, Neal H. Walfield said:
>
> > When you look up the openpgpkey.example.org domain, you are revealing
> > to anyone snooping DNS traffic that you are using OpenPGP and are
> > looking for a key related to example.org.  That's a privacy issue.
>
> No, it isn't.  The next thing you do is to send the mail and get a
> reply.  Get real.

I share the same sentiments as Neal, why?

I am aware that the whole WWW can be scraped or searched in about
a couple of minutes and let's say in my GitHub case I could imagine
that for an explicit openpgpkey subdomain it could be possible to
get all WKD directories, with an openpgpkey subdomain part, in
case GitHub would do this (which they will hopefully not do.)

And at least we have the direct-method for usage without an
openpgpkey sub or sub-sub domain part. So why give WKD
enthusiast not this option and out of curiousity please try to
explain to us why the current draft say MUST and not MAY
or SHOULD? I like to learn, because WKD is freaking cool
with OpenPGP apps, like sequoia-pgp or Mailvelope etc.

Best regards
Stefan



More information about the Gnupg-users mailing list