Questions about Web Key Directory I-D version 06
Werner Koch
wk at gnupg.org
Mon May 28 11:30:55 CEST 2018
On Wed, 23 May 2018 20:35, gnupg-devel at gnupg.org said:
> If the HTTP response is a redirect code (301, etc.) should it be
> followed? As far as I can see both gnupg and servers in the wild
I'd say yes. This is a part of the HTTP specification and thus not
explicity mentioned in the I-D.
> (e.g. kernel.org) utilize redirects. Are there any restrictions
> to these redirects (e.g. only to https schemes? or is http also
> allowed?).
http is never allowed anywhere for any purpose.
Restrictions are the max. number of allowed redirections; this is
implementation defined.
> 2. The I-D mentions in several places Content-Type:
> application/octet-string, I think this is a typo, it should be
> application/octet-stream.
Thanks for noting. I found one place and fixed it.
> Sub-question: is there no better media type? I've browsed the IANA
> registry, sadly application/pgp-keys is only for armored keys (RFC 3156 [1]).
application/octet-stream is the easiest thing and usual the default a
server will use if if can't figure out otherwise.
Shalom-Salam,
Werner
--
# Please read: Daniel Ellsberg - The Doomsday Machine #
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 227 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnupg-devel/attachments/20180528/df701907/attachment-0001.sig>
More information about the Gnupg-devel
mailing list