I published a new article. Today it's about and key discovery. It's split into a part that explains what the current methods are to receive a public key of someone else and how WKD comes in here, followed by a hands-on part on how to set up WKD for your domain. Hope you enjoy 😉

shivering-isles.com/Lets-disco

@sheogorath Definitely, looks really nice, can I nitpick some small details?

@wiktor Always!

Feel free to correct me :D You can either do it here on Mastodon or directly via Merge Request 😉 Whatever you prefer.

octo.sh/Sheogorath/blog/blob/d

@sheogorath 🤔 It seems the spec actually recommends generic `application/octet-stream` Content-Type (tools.ietf.org/html/draft-koch "The server SHOULD use "application/octet-stream" as the Content-Type for the data").

Previous editions recommended pgp-keys but this media type is reserved for armored keys (see tools.ietf.org/html/rfc3156#se) not binary.

@sheogorath `mailbox-only` means accepted user IDs are not the usual `John Doe <john@example.com>` but contain mailbox only: `john@example.com`. I know of only one provider that needs this (Posteo.de) due to their policy of not publishing real names of customers.

I think the vast majority of people would use just an empty policy file. This is actually not checked by most WKD clients but from what I've heard will be used by some big e-mail providers (ProtonMail) to scan if a domain has WKD deployed.
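
The points raised in this thread (the `application/octet-stream` Content-Type, binary rather than armored key data, and the `mailbox-only` policy flag) can be checked against a WKD deployment with a few lines of Python. This is an added example, not part of the thread or the linked article; the function names and sample values are constructed, and the policy parsing assumes the one-keyword-per-line format with `#` comments from the WKD draft.

```python
import re

ARMOR_PREFIX = b"-----BEGIN PGP"  # start of an ASCII-armored OpenPGP block


def parse_policy(text):
    """Return {keyword: value} from a WKD policy file; an empty file gives {}."""
    flags = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):  # blank and comment lines
            continue
        key, _, value = line.partition(":")
        flags[key.strip()] = value.strip()
    return flags


def uid_accepted(user_id, flags):
    """With mailbox-only set, a user ID must be the bare address, no name part."""
    if "mailbox-only" not in flags:
        return True
    return re.fullmatch(r"[^\s<>@]+@[^\s<>@]+", user_id) is not None


def check_key_response(content_type, body):
    """Return findings for a WKD key response; an empty list means none."""
    findings = []
    media_type = content_type.split(";")[0].strip().lower()
    if media_type != "application/octet-stream":
        findings.append(f"Content-Type {media_type!r}: spec says SHOULD be "
                        "application/octet-stream")
    if body.lstrip().startswith(ARMOR_PREFIX):
        findings.append("body is ASCII-armored; WKD serves the binary key")
    elif not body or not body[0] & 0x80:  # OpenPGP packet headers set bit 7
        findings.append("body does not start with an OpenPGP packet header")
    return findings


if __name__ == "__main__":
    # Constructed sample values, not taken from a real server.
    policy = parse_policy("# constructed policy file\nmailbox-only\n")
    for uid in ("John Doe <john@example.com>", "john@example.com"):
        print(uid, "->", "accepted" if uid_accepted(uid, policy) else "rejected")
    for finding in check_key_response("application/pgp-keys",
                                      b"-----BEGIN PGP PUBLIC KEY BLOCK-----\n"):
        print("finding:", finding)
```
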
