Members

  • This project does not have any members.

Watchers

  • This project does not have any watchers.

Details

Description

Web Key Directory related

Recent Activity

Mon, Mar 30

dkg added a comment to T4886: gpg-wks-server fails on openbsd, because sendmail is in /usr/sbin, not /usr/lib.

thanks!

Mon, Mar 30, 8:32 PM · wkd, gnupg (gpg22), Bug Report
werner closed T4886: gpg-wks-server fails on openbsd, because sendmail is in /usr/sbin, not /usr/lib as Resolved.

Done; will go into 2.2.21 (T4897).

Mon, Mar 30, 5:42 PM · wkd, gnupg (gpg22), Bug Report
werner added a commit to T4886: gpg-wks-server fails on openbsd, because sendmail is in /usr/sbin, not /usr/lib: rG76d2a02dfe8f: wks: Take name of sendmail from configure..
Mon, Mar 30, 5:41 PM · wkd, gnupg (gpg22), Bug Report

Mon, Mar 23

dkg created T4886: gpg-wks-server fails on openbsd, because sendmail is in /usr/sbin, not /usr/lib.
Mon, Mar 23, 4:13 PM · wkd, gnupg (gpg22), Bug Report

Feb 6 2020

aheinecke added a commit to T4839: GpgOL: WKS Confirmation mail is not handled correctly: rOae06defe99fc: Rebuild WKS Confirmation mail to pass it to gpg.
Feb 6 2020, 5:17 PM · gpg4win, wkd, gpgol
aheinecke added a commit to T4839: GpgOL: WKS Confirmation mail is not handled correctly: rOdaf4713a0d16: Fix detection of WKS Confirmation mails.
Feb 6 2020, 5:17 PM · gpg4win, wkd, gpgol

Feb 5 2020

aheinecke created T4839: GpgOL: WKS Confirmation mail is not handled correctly.
Feb 5 2020, 11:16 AM · gpg4win, wkd, gpgol

Jan 14 2020

ringelkrat added a comment to T4726: auto-key-locate only works with raw e-mail addresses (not angle-brackets).

Thank you for resolving this issue! I am successfully using version 2.2.19 from the gnupg (2.2.19-1~bpo10+1) package of Debian Backports.

Jan 14 2020, 11:47 AM · gnupg (gpg22), wkd, Bug Report

Dec 17 2019

aheinecke created T4778: GpgOL: Initial WKD lookup slow.
Dec 17 2019, 10:21 AM · gpgol, wkd

Dec 4 2019

werner closed T4726: auto-key-locate only works with raw e-mail addresses (not angle-brackets) as Resolved.

Fixed for 2.2.19 and master

Dec 4 2019, 4:28 PM · gnupg (gpg22), wkd, Bug Report
werner added a commit to T4726: auto-key-locate only works with raw e-mail addresses (not angle-brackets): rG78bb81e9deec: gpg: Use AKL for angle bracketed mail address with -r..
Dec 4 2019, 4:21 PM · gnupg (gpg22), wkd, Bug Report
werner added a commit to T4726: auto-key-locate only works with raw e-mail addresses (not angle-brackets): rG1abb39fdaf44: gpg: Use AKL for angle bracketed mail address with -r..
Dec 4 2019, 2:42 PM · gnupg (gpg22), wkd, Bug Report

Nov 23 2019

werner moved T4726: auto-key-locate only works with raw e-mail addresses (not angle-brackets) from Backlog to For next release on the gnupg (gpg22) board.
Nov 23 2019, 8:24 PM · gnupg (gpg22), wkd, Bug Report
ringelkrat added a comment to T4726: auto-key-locate only works with raw e-mail addresses (not angle-brackets).

Given that the the angle brackets are elsewhere used to indicate a search by mail address, it would be okay to allow for them in this case too (that is dkg's second example).
[...]
To answer your question: With the exception of case two this is desired behaviour also in the future,

Nov 23 2019, 6:53 PM · gnupg (gpg22), wkd, Bug Report

Nov 16 2019

werner triaged T4726: auto-key-locate only works with raw e-mail addresses (not angle-brackets) as Normal priority.
Nov 16 2019, 10:18 AM · gnupg (gpg22), wkd, Bug Report
werner added a comment to T4726: auto-key-locate only works with raw e-mail addresses (not angle-brackets).

Given that the the angle brackets are elsewhere used to indicate a search by mail address, it would be okay to allow for them in this case too (that is dkg's second example). The risk of a regression in that case is pretty low.

Nov 16 2019, 10:18 AM · gnupg (gpg22), wkd, Bug Report

Nov 7 2019

ringelkrat added a comment to T4726: auto-key-locate only works with raw e-mail addresses (not angle-brackets).
-r  STRING

does a remote key lookup only if STRING is a valid addr-spec. No extraction of the addr-spec from STRING is done and thus angle brackets inhibit the use of a remote lookup.

Nov 7 2019, 4:51 PM · gnupg (gpg22), wkd, Bug Report
werner added a comment to T4726: auto-key-locate only works with raw e-mail addresses (not angle-brackets).

does a remote key lookup only if STRING is a valid addr-spec. No extraction of the addr-spec from STRING is done and thus angle brackets inhibit the use of a remote lookup. This was implemented in this way to be as much as possible backward compatible.

Nov 7 2019, 4:02 PM · gnupg (gpg22), wkd, Bug Report

Oct 28 2019

dkg created T4732: X.509 cert for openpgpkey.gnupg.org is expired.
Oct 28 2019, 11:36 PM · gpgweb, Bug Report

Oct 24 2019

dkg added a comment to T4726: auto-key-locate only works with raw e-mail addresses (not angle-brackets).

@werner, you seem to be saying that -r does not imply "key lookups on remote services". Is that correct?

Oct 24 2019, 8:42 PM · gnupg (gpg22), wkd, Bug Report

Oct 23 2019

ringelkrat added a comment to T4726: auto-key-locate only works with raw e-mail addresses (not angle-brackets).

This is a misunderstanding. The extraction of mail addresses is only doe for key lookups on remote services. Thus the -r case is as intended.

Oct 23 2019, 1:26 PM · gnupg (gpg22), wkd, Bug Report
werner added a comment to T4726: auto-key-locate only works with raw e-mail addresses (not angle-brackets).

This is a misunderstanding. The extraction of mail addresses is only doe for key lookups on remote services. Thus the -r case is as intended.

Oct 23 2019, 11:35 AM · gnupg (gpg22), wkd, Bug Report
ringelkrat added a comment to T4726: auto-key-locate only works with raw e-mail addresses (not angle-brackets).

Is this task maybe related to T1927?

Oct 23 2019, 8:07 AM · gnupg (gpg22), wkd, Bug Report
ringelkrat updated subscribers of T4726: auto-key-locate only works with raw e-mail addresses (not angle-brackets).

Thank you @dkg for creating the bug report! I would like to glean the following information from the above mentioned discussion.

Oct 23 2019, 8:00 AM · gnupg (gpg22), wkd, Bug Report
dkg created T4726: auto-key-locate only works with raw e-mail addresses (not angle-brackets).
Oct 23 2019, 3:24 AM · gnupg (gpg22), wkd, Bug Report

Sep 2 2019

werner claimed T4679: WKD spec should document exactly when a client should fall back from "advanced" to "direct" URL.
Sep 2 2019, 2:59 PM · Documentation, wkd

Aug 21 2019

dkg added a comment to T4679: WKD spec should document exactly when a client should fall back from "advanced" to "direct" URL.

This was also raised for (hopefully) wider discussion on the IETF mailing list.

Aug 21 2019, 8:32 PM · Documentation, wkd

Aug 20 2019

dkg created T4679: WKD spec should document exactly when a client should fall back from "advanced" to "direct" URL.
Aug 20 2019, 10:59 PM · Documentation, wkd

Jul 5 2019

werner closed T4595: GPG: auto-key-retrieve should prefer WKD over Keyserver as Resolved.

Done for master and 2.2.

Jul 5 2019, 10:49 AM · gnupg (gpg22), wkd
werner added a commit to T4595: GPG: auto-key-retrieve should prefer WKD over Keyserver: rG3242837d203a: gpg: With --auto-key-retrieve prefer WKD over keyservers..
Jul 5 2019, 10:44 AM · gnupg (gpg22), wkd
werner added a commit to T4595: GPG: auto-key-retrieve should prefer WKD over Keyserver: rG96bf8f477805: gpg: With --auto-key-retrieve prefer WKD over keyservers..
Jul 5 2019, 10:33 AM · gnupg (gpg22), wkd
werner triaged T4613: document implementation guidance for WKD clients in draft-koch-openpgp-webkey-service as Normal priority.
Jul 5 2019, 7:32 AM · Documentation, wkd

Jul 4 2019

dkg created T4613: document implementation guidance for WKD clients in draft-koch-openpgp-webkey-service.
Jul 4 2019, 11:04 PM · Documentation, wkd
werner closed T4603: dirmngr WKD redirection changes paths as Resolved.

Fix will be in 2.2.17

Jul 4 2019, 4:26 PM · gnupg (gpg22), wkd, dirmngr, Bug Report

Jul 3 2019

wiktor-k added a comment to T4595: GPG: auto-key-retrieve should prefer WKD over Keyserver.

@dkg I believe @aheinecke gave the GpgOL description just as an example of why WKD-first retrieval would be beneficial (for details of that see https://wiki.gnupg.org/AutomatedEncryption#Trust_Levels) and I believe this ticket is a follow-up to my question on gnupg-devel ML: https://lists.gnupg.org/pipermail/gnupg-devel/2019-June/034372.html

Jul 3 2019, 7:26 PM · gnupg (gpg22), wkd
dkg added a comment to T4595: GPG: auto-key-retrieve should prefer WKD over Keyserver.

auto-key-retrieve happens in the context of signature verification when the certificate is missing. If no signer User ID subpacket is present in the signature, then WKD simply won't work.

Jul 3 2019, 7:11 PM · gnupg (gpg22), wkd
werner moved T4595: GPG: auto-key-retrieve should prefer WKD over Keyserver from Backlog to For next release on the gnupg (gpg22) board.
Jul 3 2019, 6:14 PM · gnupg (gpg22), wkd
werner edited projects for T4595: GPG: auto-key-retrieve should prefer WKD over Keyserver, added: gnupg (gpg22); removed gnupg.
Jul 3 2019, 6:12 PM · gnupg (gpg22), wkd
werner added a parent task for T4595: GPG: auto-key-retrieve should prefer WKD over Keyserver: T4606: Release GnuPG 2.2.17.
Jul 3 2019, 6:11 PM · gnupg (gpg22), wkd
werner added a parent task for T4603: dirmngr WKD redirection changes paths: T4606: Release GnuPG 2.2.17.
Jul 3 2019, 6:11 PM · gnupg (gpg22), wkd, dirmngr, Bug Report
werner moved T4603: dirmngr WKD redirection changes paths from Backlog to For next release on the gnupg (gpg22) board.
Jul 3 2019, 6:01 PM · gnupg (gpg22), wkd, dirmngr, Bug Report
werner triaged T4603: dirmngr WKD redirection changes paths as Normal priority.
Jul 3 2019, 4:25 PM · gnupg (gpg22), wkd, dirmngr, Bug Report
werner changed the status of T4603: dirmngr WKD redirection changes paths from Open to Testing.

I did some manual tests using netcat and KS_FETCH to test the redirection.

Jul 3 2019, 4:24 PM · gnupg (gpg22), wkd, dirmngr, Bug Report
werner added a commit to T4603: dirmngr WKD redirection changes paths: rGc9b133a54e93: dirmngr: Do not rewrite the redirection for the "openpgpkey" subdomain..
Jul 3 2019, 4:22 PM · gnupg (gpg22), wkd, dirmngr, Bug Report
werner added a commit to T4603: dirmngr WKD redirection changes paths: rG37f0c55c7be3: dirmngr: Do not rewrite the redirection for the "openpgpkey" subdomain..
Jul 3 2019, 4:20 PM · gnupg (gpg22), wkd, dirmngr, Bug Report
dkg added a comment to T4603: dirmngr WKD redirection changes paths.

I think you're suggesting accepting *any* path if the hostname of the proposed redirection matches openpgpkey.example.org when querying the WKD direct URL for an @example.org address. That would also be a fine solution from my point of view.

Jul 3 2019, 4:13 PM · gnupg (gpg22), wkd, dirmngr, Bug Report
werner added a comment to T4603: dirmngr WKD redirection changes paths.

I head the same idea when I read your configuration. Given that the advanced lookup was not reallydeployed (see T4590) I also expect that we will receive complains now that it works. Thus white listing any "openpgpkey." seems to me a reasonable easy solution.

Jul 3 2019, 3:52 PM · gnupg (gpg22), wkd, dirmngr, Bug Report
werner closed T4590: dirmngr does not perform WKD advanced lookup as Resolved.

Will be in 2.2.17

Jul 3 2019, 3:46 PM · gnupg (gpg22), wkd, dirmngr, Bug Report
werner added a comment to T4590: dirmngr does not perform WKD advanced lookup.

Oh dear, that happens if one is always on master. I simply forgot to cherry pick the change from master back in November.
Two commits, though.

Jul 3 2019, 3:45 PM · gnupg (gpg22), wkd, dirmngr, Bug Report
werner added a commit to T4590: dirmngr does not perform WKD advanced lookup: rG2c6d94702a67: dirmngr: Fix previous commit.
Jul 3 2019, 3:43 PM · gnupg (gpg22), wkd, dirmngr, Bug Report