WKD: returns only one pubkey (and why)

Dashamir Hoxha dashohoxha at gmail.com
Wed Dec 14 12:20:40 CET 2022


On Wed, Dec 14, 2022 at 11:31 AM Andrew Gallagher <andrewg at andrewg.com>
wrote:

> However I am not sure, can we find out the userids of the key that is used
> to sign? If not, then we cannot infer the domain of the well-known url.
>
>
> See Neal’s earlier comment. We can in principle, but only if the signer
> has added that subpacket to their signature, which cannot be relied upon.
>

Thanks for pointing this out. I did see the Neal's message but did not
grasp its meaning.
https://lists.gnupg.org/pipermail/gnupg-devel/2022-December/035177.html

Indeed, when we sign something, we can also include the user's id with the
option "--sender":
https://www.gnupg.org/documentation/manuals/gnupg/GPG-Key-related-Options.html

For example: `gpg --sign -a --sender alice at example.com file-to-be-signed`

If the signer wants the people to be able to verify his signature, then he
can certainly include his ID on the signature. We can rely on this. The
client that is trying to verify the signature can find both the key id and
the user id, so he can construct a valid well-known url for retrieving the
public key.

In this case we might need a directory service to lookup the userid(s) that
> are associated with a certain key id (think of it like a phone book -- you
> know the phone number and you can find the name of its owner). This
> directory service might be based on blockchains, or it might be a modified
> (simplified?) version of the current keyservers.
>
>
> If you think keyservers are prone to abuse and spam, you *do not* want a
> blockchain.
>

You are right. A blockchain may not be able to ensure even the uniqueness
of the published key (several records for the same key id, and you don't
know which one is valid). Probably other problems as well.

However, if we have such a directory service, then we can just list the url
> where the public key is located, so maybe we don't need a "well-known url"
> format.
>
>
> Or we could just serve the key directly from the directory… ;-)
>

It is not the same, in my opinion, because you cannot delete the key from a
keyserver, but you can delete the key from a web directory (which is under
your control).

Dashamir
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnupg-devel/attachments/20221214/c743cec9/attachment.html>


More information about the Gnupg-devel mailing list