AI and intellectual property rights: a European questionnaire conducted on the occasion of the ALAI Paris 2023 conference #WKD https://alai-paris2023.org/questionnaire/ (follows on from the 2020 report presented to the CSPLA: https://www.enssib.fr/bibliotheque-numerique/notices/69406-mission-intelligence-artificielle-et-culture-rapport-final)
Did you know about Web Key Directory (#WKD) for #GPG? Well, I didn't, but now you can auto-locate my key.
https://wiki.gnupg.org/WKD
https://wiki.archlinux.org/title/GnuPG
Some issues:
- #WKD only allows serving a single key
- #Autocrypt also only allows using 1 key
- How do we do deprecation of keys without revocation?
- @thunderbird and other clients only accept 1 key from key servers
- keys.openpgp.org only serves 1 key per address
- Client key prioritization (v4 or v6?)
- Mixed recipients; how do I encrypt?
- WoT: Corroborative paths
- Can we link keys?
@qbi @clt_news I simply always carry my key slips (https://openpgp.quelltextlich.at/slip.html) with me :awesome:, but I'm also open to a #Keysigningparty. The whole thing makes more sense, though, if the participants use #wkd:
https://bugs.gentoo.org/878479
Just sent an email from Protonmail to my main email address and received it PGP encrypted (attachment), without importing any key.
👉 The receiver email address (custom domain) is with one of the major email providers that does not support encryption
👉 The associated PGP key for the receiver email address was published via Web Key Directory (WKD direct + advanced)
In summary, if your email client/provider supports WKD and you send me an email, I will receive it encrypted.
Had some fun today setting up #WKD to allow folks (ideally their mail clients) to more easily find and verify my #PGP public key based on my email address. I use #protonmail with a personal domain, so I don't get this by default like I do on the pm.me address.
RT @jarek_osowski
@PKP_PLK_SA is preparing an armageddon on the cross-city line in #Warszawie: only every second train will remain here. For passengers, "travel by the batch system". What does that mean? At Warszawa Zachodnia station, platform 3 will return only at the end of its expansion, #WKD unchanged until the 2nd half of '23: https://warszawa.wyborcza.pl/warszawa/7,54420,29267026,na-linii-srednicowej-pkp-w-warszawie-zostanie-tylko-co-drugi.html
@mjgardner
So the email provider / email-domain acts like server in a sense that it offers public keys at a well known address? That's actually a very smart standard, though I don't see yet how email providers that don't manage the encryption for you can offer it in a way that is easy for normie users.
As #WKD is no central server (we avoid central servers in #DeltaChat), we could implement it in deltachat.😀
@treefit The point of #WKD is that it’s not centralized—your public key is just served via the web from your own domain from a well-known URL that includes a hash of your email address. (Some people do this through a DNS alias to a keyserver like keys.openpgp.org, but there’s your centralized SPOF.)
The QR code scanning is a non-starter for people who don’t meet in person or don’t yet have a secure side channel to send the code.
@mjgardner what makes a centralised key directory secure? Isn't that a single point of trust/failure?
I'm not too deep into that crypto stuff so might be a genuine noobie question. 😅
Also #DeltaChat already has the qr code verification (counter MITM protocol), so that might already address the underlying issues of not having a #WKD? https://countermitm.readthedocs.io/en/latest/index.html
Also there are ideas for a second version for Autocrypt, maybe we can start the efforts again (last meeting plans were canceled by covid)
I’m looking into #Autocrypt and what seems to be its flagship app, #DeltaChat. Unfortunately neither works with my secure #email provider #ProtonMail. The latter have publicly expressed #security concerns but did not state details because they don’t want to discourage the project.
I think one issue is the unauthenticated #OpenPGP public key exchange. It feels like it’s achingly close, if only Autocrypt would support #WKD. Are there any other issues?
#autocrypt #deltachat #email #protonmail #security #openpgp #wkd #gnupg #gpg #privacy #infosec #cybersecurity
@keyoxide Hey, any good options for managing #GnuPG #GPG #PGP #WKD for a small site (such as this one)? Currently using this: https://github.com/PennockTech/openpgpkey-control
Also, #keybase is nice, but y'know...
PS: It's a shame #OnlyKey does not support email encryption/signing on #Android while #YubiKey does :( just recently moved to OnlyKey and ECC keying
On my blog
Sharing your OpenPGP keys, on a key server, or on your own server with WKD
https://blog.lacasa.fr/2022-11/Partager-et-trouver-cles-openpgp
I like PGP, but your proposal is really too technical for most people. And it relies on a centralized service <https://keys.openpgp.org/>. The keyservers used to be federated, until it turned out that they can easily be spammed. But even today there are still distributed PGP key directories, e.g. with #WKD: https://www.kuketz-blog.de/gnupg-web-key-directory-wkd-einrichten/
If you could work decentralization into your proposal and the Mastodon software takes over the complexity of the PGP operations, it could turn into something. But only then. Until then, the simple bidirectional linking that Mastodon already has is enough for me.
It's World Kangaroo Day!
#macropod #AustralianWildlife #RedNeckedWallaby #Kangaroo #WKD
#OpenPGP is nice, but where can I find keys of my contacts?
#PGPainless now provides an implementation of the Web Key Directory (#WKD), as well as - of today! - an experimental client-side API for Verifying Key Servers (#VKS) such as https://keys.openpgp.org/
https://github.com/pgpainless/wkd-java
https://github.com/pgpainless/vks-java
I configured WKD for the trop.in domain, now you can get my gpg key using a simple command:
gpg --locate-keys andrew@trop.in
Some mail clients will do it automagically.
More information on WKD and how to configure it here:
https://www.uriports.com/blog/setting-up-openpgp-web-key-directory/
https://keys.openpgp.org/about/usage#wkd-as-a-service
Kudos to @proactiveservices and @wiktor for the comments, links, articles and all the help.
@fxneumann #Email #PgP encryption is, in my opinion, not as cumbersome as portrayed here.
The linked article is outdated (from 2015!)
#Mailbox.org and #Posndteo, for example, offer PgP.
Orgs can set up a PgP #WebKeyDirectory through which the keys can be fetched automatically by the email client. #WKD