On Tue, 16 Jan 2018 19:51:17 +0100, Werner Koch wrote: > We definitely want to refine some things there but that requires a > wider deployment.
I will for sure follow the WKD development and hope that also more mail providers will offer a WKD service. > > i have with posteo's WKD implementation is that their policy is > > pretty strict, which i personally don't like and i told them so. I > > would like > > Posteo does only allows the mail address (addr-spec) and no real name > in the key for data protection reasons. Thus a > > $ wget -O- posteo.de/.well-known/openpgpkey/policy 2>/dev/null > # Policy for draft-koch-openpgp-webkey-service-04 > mailbox-only > auth-submit > > shows this policy flag. If you upload your key using a tool employing > gpg-wks-client (e.g. Kmail or Enigmail) this policy will be detected > and if a plain addr-spec only user0id does not exists a new user-id > will be created and sent to posteo. > > The real problem with Posteo is that they use invalid certificates for > all but the posteo.de domain. Thus my posteo.net account does not > work because they redirect to posteo.de but do not include posteo.net > in the certificate for the initial access to posteo.net. Bummer. Thanks for the information, much appreciated! Regards Stefan -- https://www.behance.net/futagoza https://keybase.io/stefan_claas _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
