Thunderbird and OpenPGP - Web Key Directory (WKD)

Kai Engert kaie at
Thu Dec 5 16:06:33 UTC 2019

Victor Koss asked:
 > Will you keep support for WKD (Web Key Directory)?

WKD can be used to retrieve the OpenPGP public key for an email address, 
if the owner of that address has published the key on the web server 
that is associated with the email address.

Enigmail currently implements this retrieval mechanism without using 
GnuPG software, so we should be able to keep this support.

(Note that it's a different question what level of trust should be 
assigned to keys downloaded with that mechanism. This hasn't been 
decided yet.)

In addition, WKD also offers a protocol to publish your own key on your 
email domain. For this to work, the operators of the email domain must 
run server software that provides the Web Key Service.

Enigmail currently implements uploading using GnuPG's gpg-wks-client 
utility. Because we don't bundle GnuPG software, that tool likely won't 
be available for the majority of Thunderbird users.

It might be interesting to implement this uploading mechanism without 
the use of GnuPG software, but it hasn't yet been discussed what 
priority this feature should have.

To summarize, downloading from WKD will probably be supported, but it's 
unclear when uploading might be supported.


More information about the tb-planning mailing list