Services/WKD: Difference between revisions
(Created page with "{{Template:Service | description = Directory and Update service to publish PGP Keys | prerequisite = | account = global-reg | ipv6 = true | security_notes = This service is s...") |
No edit summary |
||
Line 1: | Line 1: | ||
{{Template:Service |
{{Template:Service |
||
| description = Directory and Update service to publish PGP Keys |
| description = Directory and Update service to publish PGP Keys. |
||
This service can be used to associate your PGP identities that matches the domains managed via DuckCorp with your public key. Many email clients can now use this method to discover your public key in order to encrypt mails to you. |
|||
| prerequisite = |
| prerequisite = |
||
| account = global-reg |
| account = global-reg |
||
Line 12: | Line 13: | ||
== Requesting an identity to be published == |
== Requesting an identity to be published == |
||
If you have multiple identities matching domains managed via DuckCorp then you need to request publishing for each one separately. |
|||
The ''gpg-wks-client'' command used below might not be in your path, it can often be found inside ''/usr/lib/gnupg/''. |
The ''gpg-wks-client'' command used below might not be in your path, it can often be found inside ''/usr/lib/gnupg/''. |
||
Line 24: | Line 27: | ||
gpg-wks-client --send --read < <file> |
gpg-wks-client --send --read < <file> |
||
When you receive the |
When you receive the notification email it is then published. |
||
== Verifying an identify is published == |
== Verifying an identify is published == |
Latest revision as of 10:02, 20 May 2021
Description | Directory and Update service to publish PGP Keys.
This service can be used to associate your PGP identities that matches the domains managed via DuckCorp with your public key. Many email clients can now use this method to discover your public key in order to encrypt mails to you. | |||
---|---|---|---|---|
Prerequisite | None | |||
Account | Global (registration required) | IPv6 Ready | Yes | |
Security Notes | This service is secure. |
Access
To access this service you need PGP identities using email addresses on domains managed by DuckCorp.
Requesting an identity to be published
If you have multiple identities matching domains managed via DuckCorp then you need to request publishing for each one separately.
The gpg-wks-client command used below might not be in your path, it can often be found inside /usr/lib/gnupg/.
If the --send option fails in the following command, you can remove it and pipe the result into /usr/sbin/sendmail -oi -t directly.
Request the inclusion or update of your key:
gpg-wks-client --create --send <gpgkey-fpr> <email>
<gpgkey-fpr> is the fingerprint of your GPG key. <email> must match one of the key identities (uids) as well as one of the published domains.
When you receive the confirmation request email, save the attachment and send the confirmation:
gpg-wks-client --send --read < <file>
When you receive the notification email it is then published.
Verifying an identify is published
You can check the key is properly published for an identity with:
gpg --auto-key-locate clear,nodefault,wkd --locate-keys <email>
Technical Details
This service is made using: