Folks,

Is there any facility in GnuPG, or any neat hacks which can be applied
to current releases, to be able to remap WKD queries to go to specified
.onion hosts?

E.g., <https://onion.debian.org/> lists:

    openpgpkey.debian.org: http://habaivdfcyamjhkk.onion/

and indeed if I use `gpg --list-keys --with-wkd-hash debian.org` and
pick someone vaguely at random, I can run:

    curl -fSs \
      http://habaivdfcyamjhkk.onion/.well-known/openpgpkey/debian.org/hu/ycp4ih1jtsdky6d6ufee9h3txmmaqgag \
      | gpg --import

and it works.

My understanding is that for .onion hostname services they already have
security equivalent to TLS providing privacy in their direct links onto
Tor, so if I trust my access to my Tor gateway, this gives enough
privacy.

So I'd be looking for something morally equivalent to having
`~/.gnupg/onion-wkd-mappings.txt` containing lines like, well, the
snippet I pasted above from the onion.debian.org page (with comments etc
allowed too, so I can record the provenance of mappings), or some moral
equivalent (directory with entries to be remapped, etc).

Or am I looking at just a thin shell wrapper to do the mappings needed
to invoke `curl | gpg` as above?  I'm thinking that with dirmngr already
having some Tor support, it's a better place to automatically do so.

-Phil
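
The mapping-file idea from the message above, sketched as an added example (not part of the original post and not GnuPG or dirmngr code): it parses lines in the onion.debian.org format and builds a URL of the same shape as the one in the curl command. The function names, the sample file contents and the example.org entry are assumptions made for illustration; the fetch itself is left to curl over Tor.

```python
import hashlib
from urllib.parse import urlsplit

ZB32 = "ybndrfg8ejkmcpqxot1uwisza345h769"  # z-base-32 alphabet (RFC 6189)

def wkd_hash(local_part: str) -> str:
    """WKD hash: SHA-1 of the ASCII-lowercased local part, z-base-32 encoded."""
    lowered = "".join(c.lower() if c.isascii() else c for c in local_part)
    bits = int.from_bytes(hashlib.sha1(lowered.encode("utf-8")).digest(), "big")
    return "".join(ZB32[(bits >> shift) & 31] for shift in range(155, -1, -5))

def parse_mappings(text: str) -> dict:
    """Parse 'clearnet-host: onion-url' lines; '#' starts a comment."""
    mappings = {}
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        host, sep, url = line.partition(":")
        parts = urlsplit(url.strip())
        # Refuse any target that is not an onion service, so an edited
        # mapping file cannot silently redirect lookups to the clear net.
        if (not sep or parts.scheme not in ("http", "https")
                or not (parts.hostname or "").endswith(".onion")):
            raise ValueError(f"line {lineno}: not a host-to-onion mapping")
        mappings[host.strip().lower()] = f"{parts.scheme}://{parts.netloc}"
    return mappings

def onion_wkd_url(address: str, mappings: dict):
    """Return the onion WKD URL for address, or None if its domain is unmapped."""
    local, _, domain = address.rpartition("@")
    if not local or not domain:
        raise ValueError("expected local-part@domain")
    base = mappings.get("openpgpkey." + domain.lower())
    if base is None:
        return None
    return f"{base}/.well-known/openpgpkey/{domain.lower()}/hu/{wkd_hash(local)}"

# Constructed sample file: the debian.org line is the one quoted in the post,
# the example.org onion name is a made-up placeholder.
SAMPLE = """\
# provenance: https://onion.debian.org/
openpgpkey.debian.org: http://habaivdfcyamjhkk.onion/
openpgpkey.example.org: http://exampleplaceholderonion.onion/  # constructed
"""

if __name__ == "__main__":
    print(onion_wkd_url("Joe.Doe@Example.ORG", parse_mappings(SAMPLE)))
```

A `None` result means the domain has no mapping, so a wrapper can decide explicitly whether to fall back to an ordinary WKD lookup or stop.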

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users