Closed Bug 1698448 Opened 4 years ago Closed 3 years ago

OpenPGP does not use WKD

Categories

(MailNews Core :: Security: OpenPGP, defect)

Product:
MailNews Core
Component:
Security: OpenPGP
Type:
defect

Tracking

(Not tracked)

Status:
RESOLVED DUPLICATE of bug 1695048

People

(Reporter: krakonos, Unassigned)

Details

User Agent: Mozilla/5.0 (X11; Linux x86_64; rv:86.0) Gecko/20100101 Firefox/86.0

Steps to reproduce:

I sent myself a signed email from an address publish in WKD.
TB does not fetch the keys from the WKD server. I did make it a bit complicated by having the previous version of the key (now expired) on various keyservers, but I would expect WKD to be checked.

The associated key is krakonos@krakonos.org. The key can be discovered over WKD by gpg:

krakonos@muskox ~ $ gpg --locate-external-key krakonos@krakonos.org
gpg: key F0223ACB22EEAEEF: "Ladislav Laska <krakonos@krakonos.org>" not changed
gpg: Total number processed: 1
gpg:              unchanged: 1
pub   ed25519 2019-01-15 [SC] [expires: 2022-01-18]
      0369C2556301FD917294E33EF0223ACB22EEAEEF
uid           [ultimate] Ladislav Laska <krakonos@krakonos.org>
sub   cv25519 2019-01-15 [E] [expires: 2022-01-18]
sub   ed25519 2021-03-02 [S] [expires: 2022-01-18]
sub   ed25519 2021-03-02 [A] [expires: 2022-01-18]

Actual results:

Clicking "Discover" in the email dialog results in no keys. TB does not even try to contact the WKD server and blacklisting keys.openpgp.org for test purposes (127.0.0.1 keys.openpgp.org in /etc/hosts) results in no action (not even dialog box is shown).

Expected results:

Clicking "Discover" in the email dialog should fetch the public keys from WKD and/or keyservers (preferably from both, but could prefer WKD as it appears to be the emerging standard for key distribution).

Also, doing the same in the "OpenPGP Key Manager" should fetch the keys from WKD. It does not.

Status: UNCONFIRMED → RESOLVED
Closed: 3 years ago
Resolution: --- → DUPLICATE

Ladislav: I'm surprised that you created this ticket shortly after commenting on bug#1695048 because this one seems to be a duplicate.

Or did I miss something?

To be honest, I'm not entirely sure as well, it's been 6 months. Reading this ticket, it looks like the "Dicover" button was not functional at all and no action was performed. Anyhow, looking at the other ticket the WKD works in daily, so I think its safe to close the issue. I will report a new bug if I find other problems.

Regards,
Ladislav

You need to log in before you can comment on or make changes to this bug.