gpg key server

V. Alex Brennen vab@cryptnet.net
Wed Jun 6 21:35:02 2001


On Wed, 6 Jun 2001, Len Sassaman wrote:

> On Wed, 6 Jun 2001, Karin Kosina wrote:
>
> > > > [...]
> > > > and I think it's bad if I have to use a "PGP" key server to distribute
> > > > GPG keys. Any suggestions? (Please cc: me, as I'm not on the list.)
> > >
> > > Why? GPG keys, PGP keys -- they're all the same.
> >
> > They are not. Technically, they may conform to the same specifications;
>
> This is broken thinking.
>
> You are, simply stated, wrong -- both technically and actually.

This is really very logical thinking, not broken at all.  There is
just a difference of opinion, and a difference in values here.  I
see no need to argue, just a need to develop mutual respect for
both positions.  I, myself, share Karin's view of a difference
between GPG and PGP keys even though they are both RFC2440 compliant
(the same technically).  Since this is a personal political belief
base in my personal values, no technical or political argument will
change my mind.

The freedom the GPL allows is important for improving the functionality
and quality of GnuPG.  Using GnuPG with a key server that allows the
same freedom could be very beneficial to people who use PGP.  It would
allow for the same protected freedoms for improvements, and the same
protected freedom to share in those improvements on the server side
which are currently made possible on the client side by the GnuPG
developers.

I see no need or reason to take issue with anyone who wants to
develop or run a GPL'd keyserver, and no need or reason to take
issue with anyone who does not.

The working group did an amazing job on RFC2440.  RFC2440 compliance
will ensure interoperabilty no matter the license.  The use of GPL'd
software by those who want to use GPL'd software will be of no impact
to those who do not.

The GPL'd keyserver I'm working on right now is planned to be fully
compliant with RFC2440 and fully capable of interoperation with the
PKS protocol which the Horowitz and PGP keyservers use.  I've been in
contact with the three keyserver development projects which have been
mentioned on this and the keyserver list and have offered cooperation
with all of them.

I'm confident a compliant and integrated keyserver network can be
maintained while still respecting individual license preferences.
I hope that the CryptNET keyserver project is successful and that
our server plays a strong role in that network.

This discussion should probably be continued by any interested
parties off the gnupg development list since it does not
relate directly to gnupg development.


Thanks for your comments,

	- VAB

---
V. Alex Brennen      [vab@cryptnet.net]
[ http://www.cryptnet.net/people/vab/ ]
   F A R  B E Y O N D  D R I V E N !