On Tue, Jan 12, 2021 at 10:17:13PM +0100, Stefan wrote in
<CAC6FiZ4okkkjsZWG5N7MmnZL=twait-gep8vbja8ai49vza...@mail.gmail.com>:
How can GPG solve bugs that are not in the GPG code or infrastructure? I
think André did a great job explaining what the issues are. How do you
think they can be addressed by GPG?
If you followed the whole thread you may agree that GnuPG and gpg4win,
due to the way of how WKD is implemented does not allow wildcard (sub)domains,
when fetching a pub key from, for example, github.io pages, because it gives
a cert error for a *valid* SSL cert, while other OpenPGP software,
like sequoia-pgp,
can handle this.
I suggest that you or any other persons ask this question Werner, the author
of GnuPG and IIRC the wkd-draft author or you ask the sequoia
team how they implemented WKD, because sq.exe does it's job.
Firefox gives an error on the URL https://openpgpkey.sac001.github.io/ :
Websites prove their identity via certificates. Firefox does not trust this site
because it uses a certificate that is not valid for openpgpkey.sac001.github.io.
The certificate is only valid for the following names: www.github.com,
*.github.com, github.com, *.github.io, github.io, *.githubusercontent.com,
githubusercontent.com
I don't see the valid SSL certificate you keep on insisting is there.
_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
