Refreshing keyring via WKD
Seth McDonald
dev at sethm.id.au
Sun Mar 22 04:29:41 CET 2026
Hi all,
To my understanding, GnuPG has been encouraging the use of WKD over
keyservers for the distribution of public keys. I personally use WKD as
the first method for attaining others' public keys. (I'm yet to set it
up for myself, but I'm planning on it.)
Though when it comes to updating my keyring via --refresh-keys, GnuPG
seems to only be able to use keyservers to obtain the up-to-date keys.
As such, I wish to ask if it is actually possible to refresh the keyring
via WKD (other than manually one-by-one). And if not, if such a feature
could be considered for future releases.
To be clear, what I'm thinking of is: for each public key with a UID
containing an email address, querying the WKD for that email address and
updating the keyring with the received key, if any. Perhaps only
considering the primary UID, since querying for multiple emails per key
may be a bit much.
I'm also not too familiar with how WKD works, so I apologise if my
request demonstrates ignorance on the topic.
In case it's relevant, here's some numbers about my environment.
Debian GNU/Linux 13 (trixie)
| gpg --version | apt show <pkg>
----------+---------------+--------------------
gpg | 2.4.7 | 2.4.7-21+deb13u1+b2
libgcrypt | 1.11.0 | 1.11.0-7
Take care,
Seth McDonald.
--
E9D1 26A5 F0D4 9DF7 792B C2E2 B4BF 4530 D39B 2D51
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 250 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20260322/947ac6e4/attachment.sig>
More information about the Gnupg-users
mailing list