@sheogorath Definitely, looks really nice, can I nitpick some small details?
Feel free to correct me :D You can either do it here on Mastodon or directly via Merge Request 😉 Whatever you prefer.
@sheogorath 🤔 It seems the spec actually recommends generic `application/octet-stream` Content-Type (https://tools.ietf.org/html/draft-koch-openpgp-webkey-service-07#section-3.1 "The server SHOULD use "application/octet-stream" as the Content-Type for the data").
Previous editions recommended pgp-keys but this media type is reserved for armored keys (see https://tools.ietf.org/html/rfc3156#section-7) not binary.
@sheogorath `mailbox-only` means accepted user IDs are not the usual `John Doe <email@example.com>` but contain mailbox only: `firstname.lastname@example.org`. I know of only one provider that needs this (Posteo.de) due to their policy of not publishing real names of customers.
I think vast majority of people would use just an empty policy file. This is actually not checked by most WKD clients but from what I've heard will be used by some big e-mail providers (ProtonMail) to scan if domain has WKD deployed.
@wiktor Fixed and noted!
Thanks a lot!
@sheogorath No problem, glad I could be of service :)
The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!