Hi eM Client Team,
First, thank you for your continued development of eM Client—it’s an outstanding application for email and calendar management!
I would like to request a feature that would greatly enhance the usability and security of encrypted email workflows: support for the WKD (Web Key Directory) protocol to automatically discover and retrieve GPG/OpenPGP public keys.
Currently, securely exchanging encrypted emails requires users to manually obtain their correspondents’ public keys, which can be cumbersome and error-prone. The WKD protocol provides a standardized and privacy-respecting way for email clients to automatically fetch a recipient’s public key directly from their domain, greatly simplifying the key discovery process.
Benefits
- Seamless Encryption: Makes it much easier for users to send encrypted emails without needing to manually search for and import public keys.
- Improved Security: Reduces the risk of man-in-the-middle attacks or key confusion by fetching keys directly from the sender’s domain.
- Interoperability: Many modern email providers (e.g., ProtonMail, Mailbox.org, Posteo) already support WKD, and several email clients (like Thunderbird, K-9 Mail, and GpgOL) have implemented it.
- User Experience: Streamlines the process for both new and experienced users, encouraging wider adoption of secure email practices.
Proposed Functionality
- When composing an encrypted email, eM Client should attempt to discover the recipient’s public key using WKD if it is not already in the user’s local keyring.
- If a key is found via WKD, prompt the user to trust and import it, or (optionally) allow automatic import.
- Provide clear feedback in the UI when retrieving keys via WKD.