Refreshing PGP keys

Andrew McDonald
Wed Jun 13 21:05:01 2001

On Wed, Jun 13, 2001 at 01:18:33PM -0400, Dave Chapeskie wrote:

> On Sun, Jun 10, 2001 at 09:51:25PM +0100, Andrew McDonald wrote:
> > You could do a --recv-key for each key on your key ring in turn, but
> > this is a little tedious if done by hand.
> >
> > I've attached a little shell script (nothing special) that I use to
> > automate this. It creates a list of the keyids in your public keyring,
> > and then performs a recv-key on each of them.
> Just do something like:
> gpg --with-colons --fast-list-mode --list-keys \
> | awk -F: '$1=="pub" {print $5}' | sort | uniq \
> | xargs -n 20 gpg --recv-keys
I have also been passed a patch to gnupg that adds a --recv-updates option. There are reasonable concerns about the load it might place on key servers, so there are no plans to add this at the present time. An alternative might be to have an option to do an automatic --recv-key every time a key is used for encryption or signature verification, though this is rather inefficient. I guess that improved methods of being able to query a keyserver might make this more feasible in the future. -- Andrew McDonald E-mail: