On Wed, Jan 13, 2021 at 10:00 PM Erich Eckner via Gnupg-users <gnupg-users@gnupg.org> wrote: > > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA256 > > On Wed, 13 Jan 2021, Juergen Bruckner via Gnupg-users wrote: > > > Hello Stefan! > > Hi all, > > > > > > > [...] > >> sequoia did the right step and I hope for people relying on GnuPG that > >> it is possible for them in the future too. > > > > So did Sequoia do that? > > You consider not to follow policies "the right step"? > > Sorry, but you dont have a clue about security! > > > > The only right way is to follow policies word by word. > > That is certainly correct. But: WKD is "just" a draft, so it's open to > suggestions for change. "Ignore invalid certificates of the advanced URL" > is one suggestion.
Correct a suggestion and Neal for example discussed this with his team in the past and they gave users, like me, the ability for a working solution, without IMHO breaking the specs. > In my view, this whole, lengthy thread boils down to the question, whether > we want that or we don't want that. Well, I see this a bit different. If it comes to discussions or votes on this ML here or the IETF ML, than this is only a minority IMHO and it can also been down voted etc. As you said this is a draft It should formulated this way IMHO that it allows the greatest flexibility in a protokoll, to fulfill all use cases, when it comes to WKD. I also understand that WKD is Werner's baby but when a draft or an RFC is present than it should be allowed to have a healthy discussion. Regards Stefan _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users