Notmuch support for GnuPG Web Key Directory

Teemu Likonen tlikonen at iki.fi
Fri Jul 19 22:53:01 PDT 2019


Ralph Seichter [2019-07-10T21:58:00+02] wrote:

> I have set up a Web Key Directory (see https://wiki.gnupg.org/WKD),
> which is easy to do, and now I am wondering about Notmuch support for
> WKD. Has anybody considered this, and perhaps even compiled a list of
> necessary steps to implement it?

What WKD support would mean for Notmuch front-end programs? I know that
WKD is a key locating technology for GnuPG or OpenPGP keys in general
but it seems to me that it is GnuPG's job. With "auto-key-locate"
settings in place a command like

    gpg --encrypt --recipient person at domain

would include WKD key lookup if the recipient's key isn't found from the
local keyring. Also, signature checking with "auto-key-retrieve" option
in GnuPG 2.2.17 will prefer WKD over keyservers (by default).

So, what is there left for Notmuch and email clients? Do you mean a
button like "Locate message sender's key" which would run a command like
this:

    gpg --auto-key-locate clear,nodefault,wkd,keyserver \
        --locate-key person at domain

(Or use --locate-external-key which is in GnuPG 2.2.17.)

-- 
///  OpenPGP key: 4E1055DC84E9DFF613D78557719D69D324539450
//  https://keys.openpgp.org/search?q=tlikonen@iki.fi
/  https://keybase.io/tlikonen  https://github.com/tlikonen
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 507 bytes
Desc: not available
URL: <http://notmuchmail.org/pipermail/notmuch/attachments/20190720/125bb6cc/attachment.sig>


More information about the notmuch mailing list