Refreshing PGP keys
Andrew McDonald
andrew@mcdonald.org.uk
Wed Jun 13 21:05:01 2001
On Wed, Jun 13, 2001 at 01:18:33PM -0400, Dave Chapeskie wrote:
> On Sun, Jun 10, 2001 at 09:51:25PM +0100, Andrew McDonald wrote:
> > You could do a --recv-key for each key on your key ring in turn, but
> > this is a little tedious if done by hand.
> >
> > I've attached a little shell script (nothing special) that I use to
> > automate this. It creates a list of the keyids in your public keyring,
> > and then performs a recv-key on each of them.
>
> Just do something like:
>
> gpg --with-colons --fast-list-mode --list-keys \
> | awk -F: '$1=="pub" {print $5}' | sort | uniq \
> | xargs -n 20 gpg --recv-keys
I have also been passed a patch to gnupg that adds a --recv-updates
option. There are reasonable concerns about the load it might place on
key servers, so there are no plans to add this at the present time.
An alternative might be to have an option to do an automatic --recv-key
every time a key is used for encryption or signature verification,
though this is rather inefficient. I guess that improved methods of
being able to query a keyserver might make this more feasible in the
future.
--
Andrew McDonald
E-mail: andrew@mcdonald.org.uk
http://www.mcdonald.org.uk/andrew/