get OpenPGP pubkeys authenticated using German personal ID

Jacob Bachmeyer jcb62281 at
Sat Jun 3 02:56:15 CEST 2023

Alexander Leidinger via Gnupg-users wrote:
> [...]
> I don't remember if there was a challenge/response or not. As I still 
> have the email with the signed key, I can tell that the signature can 
> arrive via a TLS encrypted SMTP channel directly from governicus (and 
> they have a SPF setup but not DKIM):
> ---snip---
> Received: from ( [])
>  (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
>   key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256
>   client-signature RSA-PSS (4096 bits) client-digest SHA256)
>  (Client CN "", Issuer "" (not verified))
> ---snip---

Am I misreading that header or does Governikus' outgoing SMTP have a 
self-signed client certificate for ''?  That 
does not inspire confidence...

-- Jacob

More information about the Gnupg-users mailing list