Keyservers: multiple subkeys and revocation

Jason Harris jharris@widomaker.com
Wed Nov 13 19:47:01 2002 

--bp/iNruPH9dso1Pn
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Wed, Nov 13, 2002 at 08:58:04AM +0100, Matthias Mansfeld wrote:
=20
> If I have to revocate a key with multiple subkeys (one of the style which=
 is=20
> corrupted on the "normal" keyservers):=20
>=20
> I submitted this key over one of the buggy keyservers, these keyservers s=
how it=20
> corrupted, but nevertheless the public key block imports correctly and th=
e few=20
> servers without the bug show it correctly (means the key is correctly pro=
pagated,=20
> only _shown_ corrupted on the standard keyservers)

No, it will have missing and/or misplaced packets on the affected keyserver=
s.

> Can I assume I can take any keyserver for submitting the _revocated_ key =
or=20
> should/shall I submit explicitely on a _not_ buggy keyserver (the only on=
e I found=20
> seems to be keyserver.kjsl.com)

Send it directly to keyserver.kjsl.com and it will also be sent to
(and left uncorrupted by) ldap://pgp.surfnet.nl:11370.  Direct
synchronization doesn't happen in the opposite direction yet, but
we're planning to add it.  kjsl.com strips photo IDs, however.
It also handles direct key signatures, which make many other keyservers
reject keys/updates.  Keep these issues in mind when choosing
a keyserver.

Any other keyservers which don't corrupt keys don't seem to synchronize
with other nodes:

	http://keyserver.kjsl.com/~jharris/keyserver.html
	http://www.rediris.es/keyserver/keyserver.png

(NB:  both pages need to be updated.) =20

--=20
Jason Harris          | NIC:  JH329, PGP:  This _is_ PGP-signed, isn't it?
jharris@widomaker.com | web:  http://jharris.cjb.net/

--bp/iNruPH9dso1Pn
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (FreeBSD)

iD8DBQE90p51SypIl9OdoOMRApE9AKC7ZDP0P1pkgiIGDHnGJ79cE8kGJQCgx/Tu
GEkEx3nyineJGoU0LcnUZjk=
=yG+g
-----END PGP SIGNATURE-----

--bp/iNruPH9dso1Pn--