On Sat, Jan 16, 2021 at 2:25 AM Ángel <an...@pgp.16bits.net> wrote: > > On 2021-01-15 at 20:34 +0100, Stefan Claas via Gnupg-users wrote: > > If you or someone else set's up a web server, for a big organisation > > or for yourself, you simple put in the .well-known folder some > > content which would look most likely then like this: > > > > http://domain.tld/.well-known/etc... or maybe > > https://sub.domain.tld/.well-known/etc... > > > Right. For instance, you would use either > https://300baud.de/.well-known/... > https://openpgpkey.300baud.de/.well-known/... > > > > If someone writes now a program which needs to access content in the > > well-known folder, why does a software author needs to implement two > > methods to access the well-known folder? This part for example I do > > not understand, because if one method is not good or secure enough I > > would simply drop one method an implement only the more secure and > > more reliable one, or not? > > Because the specification says that it can be in those two places.
Do I understand you correctly that if one uses now a subdomain like https://keys.300baud.de/.well-known/etc ... this would work and if so why does it not work with: https://sac001.github.io/.well-known/etc... I ask because in my set-up which I would use I would do so and then add in the SSL cert a subdomain wildcard entry to cover host a and host b and like explained I would put keys from all in the WKD directory of host keys. Best regards and Good Night Stefan _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
