Wkd selects usable key from all received #3401
695aef6 to 0e287cc
@tomholub Looks like

Definitely - but maybe not in this PR. There is another issue #3018 to look into that as a followup. That is also related to issue #3332. I think the overall sequence could be:

Right now, since there is only one public key per recipient email, we'd have to create some logic that would be quite different (I think) from the final situation. Right now, let's say the recipient rotates the key. Old one is revoked, new one is available. We would have to throw out the old (revoked) one and replace it with the new one. As opposed to, after we support several pubkeys per recipient, we can independently update the revoked ones and also all of the valid ones that WKD returns - save them all. Then only once we try to email that recipient (or verify their emails) will we choose the right public key from all of the ones that are available.

Sorry, fixed

Ok, so this PR is ready to merge, as I understood.
tomholub
left a comment
Looks good!
| return alice; // advanced for incorrect@localhost | ||
| }, | ||
| '/.well-known/openpgpkey/localhost/hu/66iu18j7mk6hod4wqzf6qd37u6wejx4y?l=some.revoked': async () => { | ||
| return validAmongRevoked; |
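Review bot: the `?l=some.revoked` route returns `validAmongRevoked` with no comment, while the `alice` return just above carries one ("// advanced for incorrect@localhost"). Add a one-line comment saying what the fixture holds and where the usable key sits among the revoked ones, so a reader can tell this mock exercises selection and not just the first key returned.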
I just noticed - we are returning armored keys here on the WKD endpoints but that does not reflect how WKD returns keys (which should be unarmored bytes, concatenated). I'll make another issue for this.
This PR selects a usable key among all received from WKD.
close #3017
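
The format point from the review comment above (WKD returning unarmored, concatenated keys), as an added example that is not FlowCrypt's code: a TypeScript splitter that walks RFC 4880 packet headers and cuts the response body at each Public-Key packet, so every received key can be checked for usability. The function names and the dummy sample bytes are assumptions made for the illustration.

```typescript
// Added example (not FlowCrypt code): split a binary WKD response into one
// byte slice per key using RFC 4880 packet framing. All names are hypothetical.
const PUBLIC_KEY_TAG = 6; // a Public-Key packet opens every transferable key
const ARMOR_PREFIX = '-----BEGIN PGP';

const looksArmored = (b: Uint8Array): boolean =>
  b.length >= ARMOR_PREFIX.length && ARMOR_PREFIX.split('').every((c, i) => b[i] === c.charCodeAt(0));

// Returns the tag of the packet at `start` and the offset just past its body.
function readPacket(buf: Uint8Array, start: number): { tag: number; end: number } {
  const first = buf[start];
  if ((first & 0x80) === 0) throw new Error(`no packet header at offset ${start}`);
  let pos = start + 1;
  const readBE = (n: number): number => {
    if (pos + n > buf.length) throw new Error('truncated packet header');
    let v = 0;
    for (let i = 0; i < n; i++) v = v * 256 + buf[pos++];
    return v;
  };
  let tag: number, len: number;
  if ((first & 0x40) !== 0) { // new-format header
    tag = first & 0x3f;
    const o1 = readBE(1);
    if (o1 < 192) len = o1;
    else if (o1 < 224) len = ((o1 - 192) << 8) + readBE(1) + 192;
    else if (o1 === 255) len = readBE(4);
    else throw new Error('partial body length is not allowed in key packets');
  } else { // old-format header: the low two bits select the length field size
    tag = (first >> 2) & 0x0f;
    if ((first & 0x03) === 3) throw new Error('indeterminate length not supported');
    len = readBE(1 << (first & 0x03));
  }
  if (pos + len > buf.length) throw new Error('truncated packet body');
  return { tag, end: pos + len };
}

function splitWkdKeys(body: Uint8Array): Uint8Array[] {
  if (looksArmored(body)) throw new Error('armored body; WKD serves binary keys');
  const starts: number[] = [];
  for (let pos = 0; pos < body.length; ) {
    const p = readPacket(body, pos);
    if (p.tag === PUBLIC_KEY_TAG) starts.push(pos);
    else if (starts.length === 0) throw new Error('body does not start with a Public-Key packet');
    pos = p.end;
  }
  return starts.map((s, i) => body.subarray(s, i + 1 < starts.length ? starts[i + 1] : body.length));
}

// Constructed sample: two dummy keys, each a Public-Key packet plus a User ID packet (tag 13).
const SAMPLE = new Uint8Array([0x98, 2, 0xaa, 0xbb, 0xb4, 1, 0x41, 0xc6, 1, 0xcc, 0xcd, 1, 0x42]);
```

Each returned slice can then be handed to the OpenPGP library as one binary key and filtered for revocation or expiry before a key is chosen.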