Gnupg on vxlabs

OpenPGP WKD for easy PGP key discovery

Thu, 24 Oct 2024 08:01:57 +0200

Web Key Directory (WKD) “is a standard for discovery of OpenPGP keys by email address, via the domain of its email provider”.

In short, through some DNS and files-on-your-webserver conventions, some email clients (e.g. Thunderbird or ProtonMail) and tools like GnuPG are able to retrieve your PGP keys automatically. This is of course super convenient and desirable for your correspondents, because PGP encryption is hard enough as it is.

OpenPGP makes this even better by offering “WKD as a service”, which means you only have to do the DNS bits, and not the files-on-your-webserver bits.

Configure Thunderbird 128 e2e encryption with GnuPG

Fri, 09 Aug 2024 13:55:52 +0200

It took me longer than I would have liked to setup the latest Thunderbird 128 (Supernova!) to use my existing GnuPG-based encryption setup, for a large part because TB defaults to its own more straight-forward built-in defaults for key management, and so I’m going to publish the recipe here to save you some time, hopefully.

All the details, at various levels of obviousness, can be found on this Mozilla wiki page, but here I’m going to make the whole sequence more obvious.

GnuPG pinentry via the Emacs minibuffer

Sun, 21 Mar 2021 10:12:00 +0200

On the various and different platforms where I use Emacs and GnuPG encryption, I’ve traditionally always had a bit of a struggle setting up a suitable mechanism for private key passphrase entry, or pinentry.

Recently, I landed upon this extremely easy-to-setup and reliable solution where Emacs and GnuPG can be configured so that Emacs requests the passphrase via its standard minibuffer password entry mechanism, and then passes this through to GnuPG.