So a few days ago on Fedi I linked to a blogpost of someone talking about how to get keys from the Proton API for custom domains that don’t use WKD. But they actually also have an hkps server up, and so does Mailvelope. I was piping the export of the curl API call directly to GPG anyway and that doesn’t make any sense since it’s something GPG can do already.
Add this to .gnupg/gpg.conf first:
keyserver hkps://keys.openpgp.org
keyserver hkps://mail-api.proton.me
keyserver hkps://keys.mailvelope.com
I’m gonna add in more keyservers later, these are just some common ones among people I know.
And then to find their keys, just
gpg --auto-key-locate local,wkd,keyserver --locate-keys their@email-address
This searches WKD first like God intended and only uses hkps as a fallback.
It also checks local first so you’re not sending unnecessary requests, but when you do wanna refresh your old stale keys for them, instead do this:
gpg --auto-key-locate wkd,keyserver,nodefault --locate-external-keys their@email-address
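A refresh by email address imports whatever WKD or the keyserver returns for that address, which can be a primary key you did not have before. The script below is an added example, not part of the original post: it compares `gpg --with-colons` listings taken before and after the refresh and reports new primary fingerprints. The function names, the wrapper and the sample listings are assumptions made for illustration.

```sh
#!/bin/sh
# Added example, not from the original post: report primary keys that a
# refresh added for an address, so they can be checked before being trusted.

# Primary-key fingerprints from `gpg --with-colons` output on stdin: the
# "fpr" record right after each "pub" record, fingerprint in field 10.
primary_fprs() {
    awk -F: '$1 == "pub" { want = 1; next }
             $1 == "fpr" && want { print $10; want = 0 }' | sort -u
}

# Fingerprints in listing $2 (after refresh) that are absent from $1 (before).
new_fprs() {
    known=$(printf '%s\n' "$1" | primary_fprs)
    printf '%s\n' "$2" | primary_fprs | while read -r fpr; do
        printf '%s\n' "$known" | grep -qxF "$fpr" || printf '%s\n' "$fpr"
    done
}

# Hypothetical wrapper around the refresh command from the post.
refresh_and_check() {
    addr=$1
    # An address with no local key yet simply gives an empty "before" listing.
    before=$(gpg --with-colons --with-fingerprint --list-keys "$addr" 2>/dev/null) || before=
    gpg --auto-key-locate wkd,keyserver,nodefault \
        --locate-external-keys "$addr" >/dev/null || return 2
    after=$(gpg --with-colons --with-fingerprint --list-keys "$addr")
    added=$(new_fprs "$before" "$after")
    [ -z "$added" ] && return 0
    printf 'new primary key(s) for %s, verify the fingerprint out of band:\n%s\n' \
        "$addr" "$added" >&2
    return 1
}

# Constructed listings with fake fingerprints, trimmed to the relevant records.
SAMPLE_BEFORE='pub:f:255:22:AAAAAAAAAAAAAAAA:1700000000:::-:::scESC:
fpr:::::::::1111111111111111111111111111111111111111:
uid:f::::1700000000::X::Alice <alice@example.org>:
sub:f:255:18:BBBBBBBBBBBBBBBB:1700000000::::::e:
fpr:::::::::2222222222222222222222222222222222222222:'
SAMPLE_AFTER="$SAMPLE_BEFORE
pub:-:255:22:CCCCCCCCCCCCCCCC:1710000000:::-:::scESC:
fpr:::::::::3333333333333333333333333333333333333333:
uid:-::::1710000000::Y::Alice <alice@example.org>:"
```

Source the file and call `refresh_and_check their@email-address`; a return status of 1 means the refresh brought in a primary key that was not in the keyring before.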