Egon

Michael Richardson mcr at sandelman.ca
Mon Aug 25 19:40:57 CEST 2025 

Andrew Gallagher via Gnupg-users <gnupg-users at gnupg.org> wrote:
    >> So I automated the process using libcurl and GPGME.
    >>
    >> $ egon rob.hansen at protonmail.com
    >>
    >> ... will cheerfully query Proton for my OpenPGP certificate and import
    >> it into GnuPG.

    > Does `gpg --locate-key` not work for you? They expose a WKD server...

I didn't know about --locate-key.
I wondered if it would work on my own key.
I have a not-very-scalable WKD server created with some Apache rewrites.

obiwan-[~](3.3.8) mcr 10037 %gpg --locate-key mcr at sandelman.ca
pub   rsa3072 2019-11-07 [SC] [expired: 2020-11-06]
      A30FF5A8356001B58BDB3C587002AEC2CCD88043
uid           [ expired] Michael Richardson <mcr+china at sandelman.ca>
uid           [ expired] Michael Richardson <mcr at sandelman.ca>

uhm. What?  It's not even valid. That's not useful, given:

obiwan-[~](3.3.8) mcr 10038 %gpg --list-keys mcr at sandelman.ca
pub   rsa2048 2005-11-06 [SC] [expires: 2026-01-20]
      6ECC8B13383FA944C0E37BA8808B70FBDDD0DD65
uid           [ultimate] Michael Richardson (general purpose type 4 key) <mcr at sandelman.ca>
uid           [ultimate] Michael Richardson <michael.charles.richardson at gmail.com>
uid           [ultimate] Michael Richardson <mcr+ietf at sandelman.ca>
uid           [ultimate] Michael Richardson <mcr at sandelman.ca>
uid           [ultimate] Michael Richardson <mcr at sandelman.ottawa.on.ca>
uid           [ultimate] Michael Richardson <mcr at xelerance.com>
uid           [ultimate] Michael Richardson <mcr at credil.org>
uid           [ultimate] Michael Richardson <mcr at gnu.org>
uid           [ultimate] Michael Richardson <mcharlesr at gmail.com>
sub   rsa2048 2006-11-16 [E]

pub   rsa3072 2019-11-07 [SC] [expired: 2020-11-06]
      A30FF5A8356001B58BDB3C587002AEC2CCD88043
uid           [ expired] Michael Richardson <mcr+china at sandelman.ca>
uid           [ expired] Michael Richardson <mcr at sandelman.ca>


So I expected --locate-key would actually go and find the key, and see if it
might need updating.

--
]               Never tell me the odds!                 | ipv6 mesh networks [
]   Michael Richardson, Sandelman Software Works        |    IoT architect   [
]     mcr at sandelman.ca  http://www.sandelman.ca/        |   ruby on rails    [

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 511 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20250825/1a4c1294/attachment.sig>

More information about the Gnupg-users mailing list