Notmuch support for GnuPG Web Key Directory

Teemu Likonen tlikonen at
Fri Jul 19 22:53:01 PDT 2019

Ralph Seichter [2019-07-10T21:58:00+02] wrote:

> I have set up a Web Key Directory (see,
> which is easy to do, and now I am wondering about Notmuch support for
> WKD. Has anybody considered this, and perhaps even compiled a list of
> necessary steps to implement it?

What WKD support would mean for Notmuch front-end programs? I know that
WKD is a key locating technology for GnuPG or OpenPGP keys in general
but it seems to me that it is GnuPG's job. With "auto-key-locate"
settings in place a command like

    gpg --encrypt --recipient person at domain

would include WKD key lookup if the recipient's key isn't found from the
local keyring. Also, signature checking with "auto-key-retrieve" option
in GnuPG 2.2.17 will prefer WKD over keyservers (by default).

So, what is there left for Notmuch and email clients? Do you mean a
button like "Locate message sender's key" which would run a command like

    gpg --auto-key-locate clear,nodefault,wkd,keyserver \
        --locate-key person at domain

(Or use --locate-external-key which is in GnuPG 2.2.17.)

///  OpenPGP key: 4E1055DC84E9DFF613D78557719D69D324539450
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 507 bytes
Desc: not available
URL: <>

More information about the notmuch mailing list