WKD: returns only one pubkey (and why)

Erich Eckner gnupg at eckner.net
Tue Dec 13 17:13:55 CET 2022


On Tue, 13 Dec 2022, Simon Josefsson via Gnupg-devel wrote:

> This thread was useful to me to understand that there really are two
> conflicting desired features here:
>
>  1) Use WDK to map ONE email address to ONE public key to use for
>  email.
>
>  2) Use WDK to find ALL public keys for an email address.
>

[ ... snip ... ]

> However maybe what we can achieve is that WDK could ALSO cater to the
> use-case of 2).  What do you think?

just a quick comment: your proposal looks ok to me for WKD - but what 
about WKS? One would need a protocol to remove "old" keys from the "all 
keys" bundle. Does WKS already come with a mechanism for that? Or does it 
currently rely on replacing the old key with a new one?

[ ... snip ... ]

>
> /Simon
>

regards,
Erich




More information about the Gnupg-devel mailing list