Automatically fetch keys from validating sources
Let's make Schleuder:
- automatically fetch keys for each recipient without key (regardless of subscription or third-party), but only from validating sources (WKD and validating keyservers).
- update keys also only from validating sources,
- drop
x-fetch-key
.
For most users this would make sending encrypted emails easier. And we would push the use of better key sources, driving people away from still using SKS keyservers, or sending plain text email.
Those users that require more manual control still can use x-add-key
to get a manually downloaded key from a different source into the list's keyring.
The only downside I see is that Schleuder would repeatedly make network requests for email addresses that don't have a key published in any of the sources. I'd accept that as a small price.
Related to #435 (closed)