adding and updating to keyservers/THANKS!

Brian Minton minton@csc.smsu.edu
Sat Sep 28 16:59:02 2002


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Sat, Sep 28, 2002 at 12:08:01AM -0500, Newton Hammet wrote:
 I think what some of this will involve is something akin to a versioning
> system.... (kind of like building and testing)... make a change to my
> key...
> (keep a prev version of keyring or key around just in case) test that...
> check it and so forth then up to keyserver when ok....

sounds like extra work, but it certainly won't hurt :-)

> My question for the day:  will keyservers keep expired keys, or
> eventually
> delete them?  (of course the question is harder if the main key doesnt
> expire
> but a subkey does, because the 2 expire dates can be different.)

they keep them

> and another question ... it seems that with all the people downloading
> and signing
> and uploading my key something akin to race conditions can develop. 
> where 2 people
> get copies , update them, and put the copies back, each not reflecting
> what changes the
> other made.   (I am probably using race rather loosely it usually
> implies a hung
> condition arising from contention of resources held.)

no, because the signatures are only on the key, not on other signatures.  so
if two different people sign your key and upload it, there will be two
different signatures, which the keyserver automatically merges.  When you
download them again you get the whole thing and gpg will tell you two new
signatures added

also, are you on the mailing list?  If so, we should carry on this discussion
there, in case others may benefit from it.

peace,
Brian
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.0 (GNU/Linux)

iD8DBQE9lcOBcieIIFcDdHIRAqVBAJ9e3XUruHZU8U7zY9DDyIqDE3DsOgCfZSLH
NlycHZuOpmjmmsVpveWazYo=
=2m+u
-----END PGP SIGNATURE-----