Thunderbird and OpenPGP - Web Key Directory (WKD)
kaie at kuix.de
Thu Dec 5 16:06:33 UTC 2019
Victor Koss asked:
> Will you keep support for WKD (Web Key Directory)?
WKD can be used to retrieve the OpenPGP public key for an email address,
if the owner of that address has published the key on the web server
that is associated with the email address.
Enigmail currently implements this retrieval mechanism without using
GnuPG software, so we should be able to keep this support.
(Note that it's a different question what level of trust should be
assigned to keys downloaded with that mechanism. This hasn't been
In addition, WKD also offers a protocol to publish your own key on your
email domain. For this to work, the operators of the email domain must
run server software that provides the Web Key Service.
Enigmail currently implements uploading using GnuPG's gpg-wks-client
utility. Because we don't bundle GnuPG software, that tool likely won't
be available for the majority of Thunderbird users.
It might be interesting to implement this uploading mechanism without
the use of GnuPG software, but it hasn't yet been discussed what
priority this feature should have.
To summarize, downloading from WKD will probably be supported, but it's
unclear when uploading might be supported.
More information about the tb-planning