Package: gpg Version: 2.2.12-1+deb10u1 Severity: normal
Dear Maintainer, I recently tried setting up three domains with Web Key Directory (WKD) "basic/direct" URLs: https://wiki.gnupg.org/WKDHosting says > .well-known/openpgpkey/hu if using the fallback "direct" URL scheme https://www.ietf.org/id/draft-koch-openpgp-webkey-service-08.txt says: > > The direct method requires no additional DNS entries and constructs > the URI from the concatenation of these items: > > o The scheme "https://", > o the domain-part, > o the string "/.well-known/openpgpkey/hu/", > o the above constructed 32 octet string, > o the unchanged local-part as a parameter with name "l" using proper > percent escaping. Here are the URLs I setup: h...@at.or.at https://at.or.at/.well-known/openpgpkey/hu/tyyfxn4t6ytctsfpzfogin37su9pzssg h...@guardianproject.info https://guardianproject.info/.well-known/openpgpkey/hu/tyyfxn4t6ytctsfpzfogin37su9pzssg ad...@f-droid.org https://f-droid.org/.well-known/openpgpkey/hu/4y36rkzdjnzmk3oxaekyi5biowgr5kcz Using this test command fails to find any of them, all failing with the same error: $ gpg -v --auto-key-locate clear,wkd,nodefault --locate-key ad...@f-droid.org gpg: using pgp trust model gpg: error retrieving 'ad...@f-droid.org' via WKD: No data gpg: error retrieving 'ad...@f-droid.org' via None: No public key gpg: key "ad...@f-droid.org" not found: No public key -- System Information: Debian Release: 10.1 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable'), (100, 'proposed-updates'), (100, 'unstable') Architecture: amd64 (x86_64) Kernel: Linux 4.19.0-6-amd64 (SMP w/8 CPU cores) Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages gpg depends on: ii gpgconf 2.2.12-1+deb10u1 ii libassuan0 2.5.2-1 ii libbz2-1.0 1.0.6-9.2~deb10u1 ii libc6 2.28-10 ii libgcrypt20 1.8.4-5 ii libgpg-error0 1.35-1 ii libreadline7 7.0-5 ii libsqlite3-0 3.27.2-3 ii zlib1g 1:1.2.11.dfsg-1 Versions of packages gpg recommends: ii gnupg 2.2.12-1+deb10u1 gpg suggests no packages. -- no debconf information