Key rejected by keyservers

Hein Roehrig hein@acm.org
Mon Feb 18 18:31:02 2002


Dear list,

it appears that the Horowitz keyservers cannot handle GPG keys with
revoked subkeys: does anybody know about workarounds/solutions in
progress/etc. ? 

Another question (which is probably a FAQ but not mentioned in the
gnupg FAQ): keyserver.pgp.com and gnv.us.ks.cryptnet.net don't work
out of the box with --{send,recv}-keys. Is there a way to make them
work?

Thanks in advance for any advice,
Hein


John Goerzen wrote in June 2001:

> Werner Koch <wk@gnupg.org> writes:
> 
> > The horowitz keyservers have major problems with keys which are little
> > bit uncommon - hmmm, I wonder what's uncommon  with a subkey
> > revocation.  They have messed up my key too.  keyserver.pgp.com does
> > work fine.
> 
> Thanks guys.  I've contacted the mailing list for pksd and have
> discovered that this bug has been known since 1999 apparently.  What
> hapens is the code literally concatenates the binary data for all your
> subkey signatures together into a single one and ignores all but one
> subkey (they assume that each keypair has exactly one subkey and
> exactly one subkey signature).  This results in, of course, major
> mess.
> 
> I've found the problem in the code but fixing it is beyond my skill
> level at the moment, unfortunately.  And alas, gnupg
> --{send,recv}-keys doesn't work with keyserver.pgp.com.  In the
> meantime, all the pgp.net servers have corrupted my key on them to the
> point where it it useless for encryption!
> 
> -- John
>