GPG: Automatically fetch keys using Web Key Directory protocol
### Problem to solve

As GitLab is getting more and more popular, there are multiple instances I'm signing in to. For each one of them I need to add GPG/SSH keys. GitLab could help automate that by fetching keys using the Web Key Directory protocol.

This new scheme implemented in gpg allows easy and secure key discovery based on e-mail. For example, this command:

```
gpg --locate-key test-wkd@metacode.biz
```

will fetch the key from my server over a secure connection (HTTPS). This does **not** use keyservers at all.

### Further details

When signing up, or when a new verified e-mail is added, GitLab could automatically fetch the keys for that e-mail and add them to the user's keys.

Web Key Directory is supported by clients:

* gpg 2
* EnigMail
* OpenKeychain for Android
* (support for more in progress: GpgOL...)

libraries (openpgp.js) and e-mail providers (posteo.de). It is also easy to set up on one's own domain, and some prominent servers already use it (e.g. kernel.org).

### Proposal

1. When signing up or verifying e-mail
2. Fetch the keys using Web Key Directory (that requires converting the e-mail to a WKD URL)
3. Add the key to the user's GPG keys

### What does success look like, and how can we measure that?

Signing up to a new instance, or adding a verified e-mail and visiting the `GPG keys` section in the user's profile, would show my key without manual entry.

### Links / references

https://wiki.gnupg.org/WKD

If this proposal looks good to you I could work on a PR.
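The e-mail-to-URL mapping that step 2 of the proposal depends on is specified in the WKD draft (https://wiki.gnupg.org/WKD): the local part is lowercased (ASCII letters only), hashed with SHA-1, the 160-bit digest is encoded with Z-Base-32 (32 characters, no padding), and the result is placed under `/.well-known/openpgpkey/` either on `openpgpkey.<domain>` (the "advanced" method, tried first by gpg) or on `<domain>` itself (the "direct" method), with the original local part appended as the `l` query parameter. The following is an added example showing that mapping in Ruby (GitLab's language); it is not code from the issue author or from GitLab, and the function names `zbase32_encode`, `wkd_hash` and `wkd_urls` are my own. It only derives the URLs; the fetch itself, and the check that the returned key actually carries a user ID for the verified e-mail before it is added to the profile, are left to the caller.

```ruby
require 'digest'
require 'uri'

# Z-Base-32 alphabet as used by WKD (RFC 6189 section 5.1.6 / gpg's zb32.c).
ZBASE32_ALPHABET = 'ybndrfg8ejkmcpqxot1uwisza345h769'.freeze

# Encode a binary string as Z-Base-32: 5-bit groups, most significant bit
# first, with the final group zero-padded. Unlike RFC 4648 base32 there are
# no '=' padding characters. A 20-byte SHA-1 digest yields exactly 32 chars.
def zbase32_encode(bytes)
  bits = bytes.unpack1('B*')
  bits += '0' * ((5 - bits.length % 5) % 5)
  bits.scan(/.{5}/).map { |group| ZBASE32_ALPHABET[group.to_i(2)] }.join
end

# WKD hash of a local part: only ASCII A-Z are folded to lowercase (the draft
# deliberately does not apply Unicode case mapping), then SHA-1, then Z-Base-32.
def wkd_hash(local_part)
  zbase32_encode(Digest::SHA1.digest(local_part.tr('A-Z', 'a-z')))
end

# Derive both WKD lookup URLs for an e-mail address. Clients such as gpg try
# the advanced method first and fall back to the direct method. The domain is
# lowercased for the host name; the "l" parameter carries the local part as
# written, which lets the server handle case-sensitive mailboxes.
def wkd_urls(email)
  local, domain = email.split('@', 2)
  if local.nil? || domain.nil? || local.empty? || domain.empty?
    raise ArgumentError, "not an e-mail address: #{email.inspect}"
  end
  domain = domain.tr('A-Z', 'a-z')
  hash = wkd_hash(local)
  query = "l=#{URI.encode_www_form_component(local)}"
  {
    advanced: "https://openpgpkey.#{domain}/.well-known/openpgpkey/#{domain}/hu/#{hash}?#{query}",
    direct: "https://#{domain}/.well-known/openpgpkey/hu/#{hash}?#{query}"
  }
end

if __FILE__ == $PROGRAM_NAME
  # "Joe.Doe@Example.ORG" is the worked example from the WKD draft itself;
  # the direct URL it publishes ends in hu/iy9q119eutrkn8s1mk4r39qejnbu3n5q?l=Joe.Doe
  wkd_urls('Joe.Doe@Example.ORG').each { |method, url| puts "#{method}: #{url}" }
end
```

The security-relevant detail for an automatic importer is that WKD itself only guarantees that the key came from the mailbox's domain over HTTPS; it says nothing about whether that mailbox belongs to the GitLab user. That is why the proposal ties the lookup to a *verified* e-mail, and why the importer should still reject a fetched key whose user IDs do not include that exact address.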