gpg key server

Len Sassaman rabbi@quickie.net
Wed Jun 6 20:28:01 2001


On Wed, 6 Jun 2001, Karin Kosina wrote:

> > > [...]
> > > and I think it's bad if I have to use a "PGP" key server to distribute
> > > GPG keys. Any suggestions? (Please cc: me, as I'm not on the list.)
> >
> > Why? GPG keys, PGP keys -- they're all the same.
>
> They are not. Technically, they may conform to the same specifications;

This is broken thinking.

You are, simply stated, wrong -- both technically and actually.

The reason we have open standards is so that different products, with
different licenses, fee structures, design elements, etc., can all
communicate.

I maintain that there are no such thing as GnuPG keys, or PGP keys. There
are only OpenPGP keys (of the various versions -- this includes v3, or
"PGP2 keys", for those who would nitpick about that), which GnuPG, PGP,
and others generate and use. Why do you think RFC 2440 was written?

Would you make this same objection about RFC 1918 compliant email? "My
email is different than yours because it is composed on a GPL'd email
client, or passes through a BSD-licensed MTA." "I cannot send you email
because your company uses an exchange server, and that would make my email
not-free.

That's absurd.

> but I am using GPG instead of PGP because I want to use Free Software,
> which PGP is not. I would appreciate to also use a free server. V. Alex

Actually, I am using PGP Freeware right now, and don't pay a penny for it.

"Free Software by Bruce Perens' definition", I think you mean. To the
majority of the world, free still means "without cost".

> Brennan is working on one, and I'm very glad about that. It is one of
> the goals of Free Software to make it possible to do all the tasks you
> want to do without ever having to use any non-free programs.

Uh huh. Until you try to interact on the Internet, where software
diversity abounds. If the Stallmanites want to impose their Communist
views of how all software must be free, and Good People would never
dirty their hands interfacing with software of Inferior Licenses, they're
going to have a hard time communicating with the real world.

I am completely fed up with this "our license is better than yours", "our
software is the real software" "we won't talk to your product because of a
political reason" nonsense. I see it in the open source community. I see
it in the commercial software industry. It's absurd.

Have a look at my public key. Can you tell me what software was used to
generate it?

(Answer: no. Because there is no difference. There are only standards
compliant keys, and those which do not comply.)

And, incidently, the first PGP keyserver ever written *is* free.


Len