I put together a short 1-page document of around 300 words to illuminate the mechanics to a group of friends of the new key lookup via PKA and DANE(1).
The document is available in PNG format at https://beta.samirnassar.com/pgpdns/latest.png and please don't bookmark the URI for long-term use. It is not a cool URI(2). I used "Publishing Keys in DNS(3)" by Damien Goutte-Gattat as a reference. I did not use the OPENPGPKEY RR type since it is not implemented in my DNS server yet(4). I used TYPE37 for PKA and TYPE61 for DANE. If you have comments, concerns, additions, detractions, denouncements, or applause, the document and a sufficiently recent version of GnuPG should help you find a way to share this with me. If you decide to reply to the mailing list, keep in mind that it is a public list and to be considerate of the others on this list. [1] I know, I know: I am not using DNSSEC. [2] Cool URIs don't change: https://www.w3.org/Provider/Style/URI.html [3] Publishing Keys in DNS: https://incenp.org/notes/2015/keys-in-dns.html [4] Knot DNS features: https://www.knot-dns.cz/docs/2.x/singlehtml/index.html#knot-dns-features -- Samir Nassar web: samirnassar.com email: sa...@samirnassar.com PGP: pgp.samirnassar.com
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
