WKD refreshing (was: distributing pubkeys: autocrypt, hagrid, WKD)

Bernhard Reiter bernhard at intevation.de
Tue Jul 2 09:18:30 CEST 2019


Am Montag 01 Juli 2019 18:33:41 schrieb Werner Koch via Gnupg-users:
> I consider to change this so that gpg always tries to update
> an expired key via the WKD.

To add to this:
The idea for WKD was to be able to improve the algorithm when a new search is 
done. It is just obvious that the extreme cases to always retrieve a pubkey
when using it and to never again retrieve a pubkey are not suitable.
There is a lot in between, which could also depend on the client and users 
idea of their security compromises. So it is a normal situation with WKD that 
the client algorithm when to refresh will be adapted like Werner is 
mentioning above.

Regards,
Bernhard


-- 
www.intevation.de/~bernhard   +49 541 33 508 3-3
Intevation GmbH, Osnabrück, DE; Amtsgericht Osnabrück, HRB 18998
Geschäftsführer Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: This is a digitally signed message part.
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20190702/4d1c2a64/attachment.sig>


More information about the Gnupg-users mailing list