OpenPGP Web Key Directory

https://www.researchgate.net/publication/351286585_OpenPGP_Web_Key_Directory

If you use OpenPGP to secure your email communication, you should consider publishing your public key using Web Key Directory. It allows email clients to automatically retrieve your public key, using the HTTPS protocol. This article explains how WKD works, how to build a WKD server, how to publish keys in it, etc.

2 Likes

Presentation: http://dashohoxha.fs.al/presentations/OpenPGP-Web-Key-Directory.pdf

1 Like

Insightful presentation @dashohoxha! Thanks for sharing. It is nice to see this follow-up with WKD/WKS after the traditional keyservers were exploited a few years ago.

1 Like

WKD is distributed, while keyservers are replicated, but basically centralized. With WKD keys are under your control, you can update them as you wish, while with keyservers they are published for ever and ever, even if it was a mistake, even if it was just a test.

And then, the exploitations as well, that you mention: