Details / Concepts of the Web Key Directory
Pubkey Distribution Concept <- the (technical) details
- 2016-09-08 OpenPGP.conf presentation by Werner Koch: Abstract, Slides.PDF
- 2016-09-08 OpenPGP.conf presentation by Bernhard Reiter, pages 21-24: Slides.ODP, Slides.PDF
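- 2016-09-09 "OpenPGP-Schlüssel über HTTPS verteilen" (Distributing OpenPGP keys over HTTPS), Golem news by Hanno Böck
- 2016-09-11 "Spezifikation für die Verteilung von OpenPGP-Keys per HTTPS veröffentlicht" (Specification for distributing OpenPGP keys via HTTPS published), Heise news by Johannes Merkert
- 2016-09-11 "Anmerkungen zum Web Key Service" (Remarks on the Web Key Service), gnupg-de@ by Werner Koch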
- 2017-07-28 Draft 04 of the specs published (see details page linked above).
- 2017-10-10 LWN covers Werner Koch's talk at Kernel Recipes 2017
The elaborated proposal is a result of the EasyGpg2016 contract.
General Idea
If you and your peers use email providers offering this "service", encryption works from the first email. Otherwise encryption will start after you have exchanged some emails.
Technically, your email client will automatically
- prepare for this by creating a crypto key for you and uploading it to your provider (or, as a second-best option, to public keyservers).
- sign all emails so others see that you are ready for crypto (unless you opt out).
- ask the mail providers of your recipients for their pubkeys.
An email provider supporting privacy can
- provide a pubkey for users via HTTPS, called "web key directory" (WKD).
- allow each user's email client to automatically manage, by email, the pubkey that gets published; this is called "web key service" (WKS).
- (if offering web-based email:) support the client part as well.