Keyservers in Europe?

John A. Martin jam@jamux.com
Tue, 07 Dec 1999 09:21:49 -0500 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


>>>>> "Jonas" == Jonas Steverud

>>>>> "Re: Keyservers in Europe?"

>>>>>  07 Dec 1999 13:43:10 +0100


    Jonas> Reqest: Add a section about this in the manual. E.g. "The
    Jonas> keyservers are a network of databases which hold peoples
    Jonas> public keys. All servers holds the same information. If you
    Jonas> know the key ID of a person you can do

Is it true that all key servers hold the same information?

In the recent past I had the distinct impression that key servers
under the influence of Network Associates, including at least one at
mit.edu, do not share with other servers keys placed directly with
them while they do absorb keys from other servers.  I believe someone
who should know told me that was a deliberate policy.  I am not
in a position to verify this now and hope that I am totally mistaken
or at least that this is no longer true.

Also, at least from time to time, different key servers seem to have
been unable to carry different styles of keys.

A definition of what are "public" key servers might be useful.

    Jonas> % gpg --keyserver wwwkeys.ch.pgp.net --recv-keys keyID

    Jonas> but if you only have the email address you can query the
    Jonas> database.

    Jonas> Start you favorite browser and point it at some keyserver
    Jonas> and fill out the form. You can either get the public key
    Jonas> thru the browser but the webpage will supply the key ID too
    Jonas> (see above). The latter might be a slightly higher security
    Jonas> level since browser are known security holes[1]. It all
    Jonas> depends on your level of paranoia. NOTE! The keyserver
    Jonas> might have many keys for the ``same'' address {TODO: How
    Jonas> come?}. Be careful with which you choose.

    Jonas> To find keyserves, do a ``host -l pgp.net''. Note that
    Jonas> round robin DNS is used so you might find diffrent servers
    Jonas> when you query the database."

Most/many/all key servers have an email interface which many may find
preferable if for no other reason than that by keeping the mails they
have a clear permanent record of what was done and when.  It is IMHO
unfortunate to give the impression that "the web" is the best way to
do everything just because it is there.

	jam

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.0 (GNU/Linux)
Comment: By Mailcrypt 3.5.4 and Gnu Privacy Guard <http://www.gnupg.org/>

iD8DBQE4TRfcUEvv1b/iXy8RArHjAJ4r9TEP+6AXPh6A+eMwWSq5BDK/5QCfQ99j
6kf95rXnxcqEiwGnQaJTSEU=
=1n0i
-----END PGP SIGNATURE-----