- Distribute the key along with your mail address using the Web Key directory.aren't there also proposals to do this via special mime types?"Problem" is that .asc is not only used for key distribution, but also for normal signatures. Iirc this at least bites the original intent.
File “extension” means nothing here. Web Key Directory (WKD) is this; it does not have any file extension: https://wiki.gnupg.org/WKD https://datatracker.ietf.org/doc/draft-koch-openpgp-webkey-service/The proper MIME type for WKD is application/octet-stream, according to § 3.1 of WKD (draft 19) linked above.
**Important:** When you attach your key to mail, use the MIME type application/pgp-keys. Consult your mail client’s manual for instructions. It shouldn’t matter what the filename is; if the filename is “iloveyou.doc.exe” and the MIME type is application/pgp-keys, a proper receiving mail client will see it as a PGP key.
A combination of DKIM and special email addresses which send emails which are signed and include the public key so that the email can be used to verify itself also seems a cryptographically verifiable thing (if it is).
No, it’s not. Please study cryptography before attempting protocol design.
(I still cannot believe that these post quantum things will all be so terribly huge data things.)
I attached a post-quantum thing to my prior list message, and it is downloadable from the list server; observe the size and the correct MIME type:
https://lists.gnupg.org/pipermail/gnupg-users/2025-January/067460.html
-------------- next part -------------- A non-text attachment was scrubbed... Name: have-post-quantum-anonymous-sex.asc Type: application/pgp-keys Size: 3106 bytes Desc: not available URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20250107/4732a382/attachment.key>
Fingerprint: 01A6D 81EEA D7EEE C393D EC140 1F489 4C154 E1B8E E32E9 059CAThat 3106 bytes is the ASCII-armored version of a blob with an ed448 primary certification and signing key (non-PQ), a ky1024_cv448 subkey (PQ), one simple userid, and one trust signature from my ed25519 (v4) key.
Requires GnuPG 2.5.1 or later.
[i removed h...@anonymous.sex; never did such..]
Rude. Shame on you. -- # Remember these on Wednesday, January 15, 2025: https://web.archive.org/web/19971024171609/http://www.eff.org/blueribbon.html https://web.archive.org/web/19971114041230/http://www.eff.org/pub/Legal/Cases/ACLU_v_Reno/19970626_eff_cda.announce https://www.supremecourt.gov/search.aspx?filename=/docket/docketfiles/html/public/23-1122.html
signature.asc
Description: PGP signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org https://lists.gnupg.org/mailman/listinfo/gnupg-users
