Keyservers: multiple subkeys and revocation

Jason Harris
Wed Nov 13 19:47:01 2002

Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Wed, Nov 13, 2002 at 08:58:04AM +0100, Matthias Mansfeld wrote:
> If I have to revocate a key with multiple subkeys (one of the style which=
> corrupted on the "normal" keyservers):=20
> I submitted this key over one of the buggy keyservers, these keyservers s=
how it=20
> corrupted, but nevertheless the public key block imports correctly and th=
e few=20
> servers without the bug show it correctly (means the key is correctly pro=
> only _shown_ corrupted on the standard keyservers)

No, it will have missing and/or misplaced packets on the affected keyserver=

> Can I assume I can take any keyserver for submitting the _revocated_ key =
> should/shall I submit explicitely on a _not_ buggy keyserver (the only on=
e I found=20
> seems to be

Send it directly to and it will also be sent to
(and left uncorrupted by) ldap://  Direct
synchronization doesn't happen in the opposite direction yet, but
we're planning to add it. strips photo IDs, however.
It also handles direct key signatures, which make many other keyservers
reject keys/updates.  Keep these issues in mind when choosing
a keyserver.

Any other keyservers which don't corrupt keys don't seem to synchronize
with other nodes:

(NB:  both pages need to be updated.) =20

Jason Harris          | NIC:  JH329, PGP:  This _is_ PGP-signed, isn't it? | web:

Content-Type: application/pgp-signature
Content-Disposition: inline

Version: GnuPG v1.2.1 (FreeBSD)