Keyservers in Europe?

Jonas Steverud
07 Dec 1999 13:43:10 +0100

Werner Koch <> writes:

> On Tue, Dec 07, 1999 at 11:55:45AM +0100
> Jonas Steverud wrote:
> > Ask him? But in that case I might as well ask for the public key in
> > the first place...
> >
> > % gpg --keyserver --recv-keys
> > did not work (not very suprising).
> This does not work yet because this may yield many keys and some
> interactive sesion would be needed.
The main reason for the confusion on my side was becaurse I did not realise how the keyservers worked. I am now (partially) enlighted. Reqest: Add a section about this in the manual. E.g. "The keyservers are a network of databases which hold peoples public keys. All servers holds the same information. If you know the key ID of a person you can do % gpg --keyserver --recv-keys keyID but if you only have the email address you can query the database. Start you favorite browser and point it at some keyserver and fill out the form. You can either get the public key thru the browser but the webpage will supply the key ID too (see above). The latter might be a slightly higher security level since browser are known security holes[1]. It all depends on your level of paranoia. NOTE! The keyserver might have many keys for the ``same'' address {TODO: How come?}. Be careful with which you choose. To find keyserves, do a ``host -l''. Note that round robin DNS is used so you might find diffrent servers when you query the database." Footnotes: [1] I will not go into the details here since this is just a hunch from my side. An attack would probably supply the wrong key ID but I feel a direct connection to the keyserver from gpg is better then a retrival via a browser. But I don't trust Netscape etc. at all OTOH - call me paranoid if you want to. -- ( GPG/PGP key @ ! Wei Wu Wei ) ( U2MoL, Roleplaying, LaTeX, Emacs/Gnus, SCWM, etc. ! To Do Without Do )