Skip to content

Fetch a Certificate from the Internet using a shorthand identifier

This issue is a spin-off from #103, which deals with "I already have a Certificate, but I'd like to check if there are updates for the certificate on the Internet".

By contrast, this issue is about the case of "I don't have a copy of a Certificate, but I have some short-hand identifier, and I'm hoping to find the corresponding Certificate from the Internet".

In #103, some examples for why this might be useful were named:

  • An OpenPGP fingerprint might be available to me in a reasonably "out of band" medium from a business card, and I'd like to acquire the corresponding Certificate
  • Some website advertises the fingerprint of a Key that they use (e.g. to issue data signatures, or that they can receive encrypted email for), and I'd like to acquire that Certificate (note that in this example, I might have more reason to doubt the fingerprint than if a person I know has personally handed me a printed medium)
  • A pre-existing software workflow uses fingerprints in some interface, as a placeholder for certificates, and corresponding certificates might not (yet) be available at all points in that workflow