Web Key Discovery

Sam Bull gnupg-devel at sambull.org
Mon Mar 26 14:41:30 CEST 2018


On Thu, 2018-03-22 at 08:03 +0100, Werner Koch wrote:
> On Thu, 22 Mar 2018 00:52, gnupg-devel at sambull.org said:
> > Not necessarily. It's the web key directory that requires a key to match the
> > given email address. For example, I am signing this email without it
> > matching
> That is the whole point of the web key directory.
> 
> It maps a mail address to a key.  It is possible to map several mail
> addresses to the same key but the key needs to carry a user ID for each
> key.

Right, but it seems to require mapping the key to the mail address as well, i.e.
it must match in both directions.

If it was only matching an address to a key, then I could configure my server to
map all email addresses to the key I am currently using. This is the correct key
that people should use to contact me, but the user ID would not match, therefore
doesn't work when you require the key to also map to the address.

> > Of course, supporting a wildcard in the user ID would also solve this issue.
> I am not sure what you mean by wildcard.

Well, for example, the email I am using for this mailing list is
gnupg-devel at sambull.org. So, each unique email is a full email under my personal
domain. So by wildcard, I mean something like "*@sambull.org" matching any valid
address under my domain name.

Thanks,
Sam
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: This is a digitally signed message part
URL: <https://lists.gnupg.org/pipermail/gnupg-devel/attachments/20180326/9426cde4/attachment.sig>


More information about the Gnupg-devel mailing list