[Gpg4win-users-en] WKD for OpenPGP certificate "Intevation File Distribution Key <distribution-key at intevation.de>"

Bernhard Reiter bernhard at intevation.de
Thu Aug 8 12:04:08 CEST 2019


Am Mittwoch 07 August 2019 15:49:36 schrieb Thomas Arendsen Hein:
> OpenPGP keys are needed when you want to encrypt to someone
> _or_ when you want to verify a signature made by someone else.
>
> WKD should support these two basic use cases.

The short answer is: Only publishing one active pubkey does this already,
when you receive or send an email.

As for old email's signatures, one good solution is that you will have the 
pubkey already in your database with a record when you have gotten it and 
from where. Otherwise you get in from a keyserver and check other data, like
third party signature with the special case of a signatures by the new key.
There are more possibilities as well.

However this is a brief and simplified answer, because I think we should put 
the discussion where most of it was done which is gnupg-devel and not on a 
list for users.

Regards,
Bernhard




-- 
www.intevation.de/~bernhard   +49 541 33 508 3-3
Intevation GmbH, Osnabrück, DE; Amtsgericht Osnabrück, HRB 18998
Geschäftsführer Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.wald.intevation.org/pipermail/gpg4win-users-en/attachments/20190808/4765f93d/attachment.sig>


More information about the Gpg4win-users-en mailing list