over in debian system administration configuration, weasel is trying to set up WKD for debian.org at the WKD advanced location.
Given T4590, currently we're also aiming to support the WKD direct location, but have it provide an HTTP redirection to the WKD advanced location, but dirmngr is apparently stripping the domain component from the path when it sees the redirection.
This results in the workaround listed at the above link, where we're also hosting the data at some weird non-direct, non-advanced location:
# Legacy GPG versions (including 2.2.12 in buster/Debian 10) get redirections from # the (not supposed to be default) direct method wrong. # They ask for https://debian.org/.well-known/openpgpkey/hu/<hash> # get a redirect to https://openpgpkey.debian.org/.well-known/openpgpkey/debian.org/hu/<hash> # and then try to fetch https://openpgpkey.debian.org/.well-known/openpgpkey/hu/<hash> # *sigh* Alias /.well-known/openpgpkey/hu/ /srv/static.debian.org/mirrors/openpgpkey.debian.org/cur/debian.org/hu/ Alias /.well-known/openpgpkey/policy /srv/static.debian.org/mirrors/openpgpkey.debian.org/cur/debian.org/policy # The draft specified well-known place using the "advanced method" Alias /.well-known/openpgpkey/ /srv/static.debian.org/mirrors/openpgpkey.debian.org/cur/
I'd like to get rid of this workaround because nothing in draft-koch-openpgp-webkey-service-08 mentions anything about filtering HTTP redirections, so it is perplexing that dirmngr would do that.
i imagine that some WKD clients will end up searching for the direct location eventually even after T4590 is fixed, and we want the redirection to just work, without this non-standard mirroring.
2019-07-02 11:46:39 dirmngr[16171.6] URL 'https://debian.org/.well-known/openpgpkey/hu/oznc63nmi1yehhby98r4cke4femxniz3?l=weasel' redirected to 'https://openpgpkey.debian.org/.well-known/openpgpkey/debian.org/hu/oznc63nmi1yehhby98r4cke4femxniz3?l=weasel' (302) 2019-07-02 11:46:39 dirmngr[16171.6] redirection changed to 'https://openpgpkey.debian.org/.well-known/openpgpkey/hu/oznc63nmi1yehhby98r4cke4femxniz3?l=weasel'