wks for sign-only keys

Bernhard Reiter bernhard at intevation.de
Fri Jan 11 09:05:41 CET 2019


Am Mittwoch 09 Januar 2019 11:55:12 schrieb Erich Eckner:
> I'm currently setting up wkd and wks on my server. This works great for
> keys which can encrypt and sign. However, when I try to publish a

> gpg-wks-client: creating request failed: Unusable public key

One of the design ideas of WKD/WKS is that it is as simple as possible.
A pubkey without the ability to be encrypted to is a special case.

Maybe some special cases could be supported in the future, but in my view this
would need a very good reason, so that the hassle of added complexity is worth 
it.

So what is your use case? Why not just use a pubkey with allows encryption
and do not use it, if you don't need it? To me the encryption test has the 
advantage to check that it is actually possible to retrieve a pubkey for an 
email address and right away use it for encryption to this address.


Best Regards,
Bernhard

-- 
www.intevation.de/~bernhard   +49 541 33 508 3-3
Intevation GmbH, Osnabrück, DE; Amtsgericht Osnabrück, HRB 18998
Geschäftsführer Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: This is a digitally signed message part.
URL: <https://lists.gnupg.org/pipermail/gnupg-devel/attachments/20190111/2e111585/attachment-0001.sig>


More information about the Gnupg-devel mailing list