I recently purchased a domain from Cloudflare Registrar, primarily for the purpose of managing my digital identification. I’ve set up MX records (and DMARC, etc.) for email routing just fine, but publishing GPG keys is decidedly less straightforward.
I initially attempted to set up an IPGP certificate, hosting the public key in a Backblaze B2 bucket via redirect, but this has proven buggy and prone to TLS certificate issues. I’ve decided to attempt replacing it with WKD, but this demands hosting specific files at specific URLs rather than using DNS records alone.
My question is this: What is a straightforward method of providing static files at specific URLs? I’d like to avoid maintaining a cloud server just for this if I can, but I’m not sure object storage is suitable for this. If I can run this entirely within Cloudflare, that would be ideal. I’d also like to do this in a manner that avoids other uses of the domain: redirecting all traffic for the entire domain is unacceptable.
You’re supposed to host your key as a static file on your own domain, thus using DNS to vouch for the key’s connection to the UID: when you use CNAME like that, you are delegating that job to the key server.
I don’t since I’m not good at securing servers, so I leave the job to them.
So if you don’t want to self-host it, then you can do what I explained above.
And I think I may not have explained myself earlier: in order for WKD to provide the key, you need to upload it to the key server. So because they have your key, people who use WKD can get it, and people who don’t use WKD (because they didn’t update Thunderbird etc.) can still get your key from the key server.
I think that’s a good idea since WKD is not that popular yet, and may have to change in the future.
And that key server is the default key server on most E-Mail clients like Thunderbird etc.