WKD and gpgOL - how force key re-publishing ?

Gpg4win help-en
1

Hello,

I installed in our company a server with WKD and WKS.

With Outlook and gpgOL plugin (2.5.3), the first time I send an encrypted email, it automatically asks to publish the key on our WKD. The process succeed.
The keys are automatically fetched from WKD in Kleopatra. It’s fantastic for users !

But if i remove the key from the WKD (or if the key expired), the process is never triggered again by gpgOL in Outlook.

On Linux, as everything is manual, it’s easy to generate the publish email and to sent it.

Can you help please ?
(Am I in the right place to ask this ?)

Best regards,
Jean

2

Hi,

awesome that you are using WKD / WKS. We are aware that the Support in GpgOL is currently limited to the initial publishing. In my opinion we would need to trigger this from Kleopatra. See: https://dev.gnupg.org/T5334 but that will require for Kleopatra to communicate with GpgOL.

Fwiw. Kleopatra under Linux has that option already in the latest versions.

But it is good to know that someone actually uses WKS, that will lead us to put more resources on the Support.

Best Regards,
Andre

3

Hello Andre,

Thank you very much for your answer :slight_smile:
Okay, good to know !

I should have asked before. I spent days to check my installation, logs & debug files,… looking for a configuration error.
First improvement would be to add this in the documentation :wink:

Am I the only one to use WKS/WKD ? That’s really easy for administrators (nothing to configure in Kleopatra, simple server configuration) and for users (queries are automatically done in background).

I hope development will continue. That’s a really promising feature.

Best regards,
Jean

4

We are using WKD / WKS too for mail addresses attached to our website. Key fetching is working but if key has been changed, those changes are not recognized by WKS/ WKD, for example old id is shown, expiration date is faulty a.s.o…

WKD can be tested with:
https://metacode.biz/openpgp/web-key-directory
(2 Methoden: Direct / Advanced,
siehe https://datatracker.ietf.org/doc/draft-koch-openpgp-webkey-service/

or local:
d:\A_down>gpg –v --auto-key-locate clear,nodefault,wkd --locate-key mail@domain.test

key extracts are located in:
.well-known/openpgpkey/hu/
and
.well-known/domain/hu/