publishing PGP keys in DNS

Bjoern Schiessle bjoern at schiessle.org
Wed Dec 21 12:00:40 CET 2016


Hi Werner,

thanks for the explanation.

On Wed, 21 Dec 2016 09:22:17 +0100 Werner Koch wrote:
>
> Anyway, I would suggest to avoid DNS and use the Web Key Directory
> instead. See
> <https://gnupg.org/blog/20161027-hosting-a-web-key-directory.html>. I
> can also offer to work with schokokeks.org to setup the whole thing
> for all their users.

Yesterday I already set this up successfully for my domain
(schiessle.org). I just thought that having the DNS record as well would
be a nice addition. But then I will just keep the WKD if this is the
recommended way.

One more question to the WKD. I changed my gpg.conf to:

auto-key-locate cert pka wkd keyserver

Does this means that gpg will try to find a WKD and a corresponding
public key automatically if I write a email to someone I don't have a
public key yet? Or will the lookup happen if I receive a mail?

Thanks!
Björn





-- 
Björn Schießle <bjoern at schiessle.org>
www: http://www.schiessle.org
twitter: @schiessle
gnupg/pgp key: 0x0x2378A753E2BF04F6
verify: https://keybase.io/BeS
fingerprint: 244F CEB0 CB09 9524 B21F B896 2378 A753 E2BF 04F6
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20161221/88f2b8e7/attachment.sig>


More information about the Gnupg-users mailing list