Adding support for fetching GPG key using WKD protocol

Wiktor Kwapisiewicz wiktor at
Thu Jul 5 07:23:58 UTC 2018

> Hi,
> Just wondering, I've got "auto-key-retrieve" set in my gpg.conf.  I'm
> using gpgme, and as far as I'm aware it fetches keys it doesn't know
> upon reading the message (gives a little delay) to verify the signature
> is OK.
> Is this a different thing somehow?

Yes, auto-key-retrieve is different from auto-key-locate.

Auto-key-retrieve is for signatures. It's a boolean flag that is 
disabled by default (because signature verification usually happens 
automatically when viewing signed content, and this could be used to 
track when you view your e-mail in some clients).

Auto-key-locate is for encryption. It's a list of schemes tried in 
succession and is triggered when using e.g. --locate-key (but also with 
--encrypt --recipient $EMAIL). By default it's "local,wkd". The 
reasoning is that if you explicitly want to send an e-mail to someone 
and you don't have their key (local) you would want to fetch it from 
their server (wkd). This is done only once (then the key is imported 
into the keyring).

Actually auto-key-retrieve when enabled will use the list from 

This post by dkg goes into more details:

But I can answer specific questions if you have more.

Kind regards,

> Thanks,
> Fabian
> On 04-07-2018 23:27:23 +0200, Wiktor Kwapisiewicz wrote:
>> Hello mutt-dev,
>> I would like to extend mutt to add fetching GPG keys over Web Key
>> Directory protocol.
>> (I've previously created an issue on gitlab [0] but I'll summarize the
>> thing here for the broader audience).
>> Web Key Directory is a new scheme for GPG key discovery. It converts the
>> e-mail address to HTTPS URL and fetches the key from there. It is
>> already supported by some e-mail clients (EnigMail, GpgOL).
>> For example has it enabled and Linus' key is at:
>> As GnuPG 2 has it enabled by default "gpg --locate-key
>> torvalds at" will fetch that key.
>> I've been exploring mutt's source code and the change would mostly be
>> enabling external lookup for keys that are not locally present [1] when
>> encryption is explicitly turned on (gpgme backend).
>> That raises some privacy issues, the same was discussed on gnupg-devel
>> ML [2] (gpg by default will fetch the key via WKD when encrypting to a
>> recipient but will *not* fetch the key when verifying signatures).
>> The question is how to do it well. Maybe ask the user if they want to
>> search for the key using WKD if it's not locally present?
>> An option would be the first choice but I worry about it not being used
>> at all (as people rarely enable non-standard features [3]).
>> Thank you for your consideration!
>> Kind regards,
>> Wiktor
>> [0]:
>> [1]: gpgme_set_keylist_mode(ctx,
>> crypto-gpgme.c#get_candidates.
>> [2]:
>> [3]:
>> -- 


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 862 bytes
Desc: OpenPGP digital signature
URL: <>

More information about the Mutt-dev mailing list