keyserver subkey searches (was Re: Newbie seeking mail client)

David Shaw dshaw@jabberwocky.com
Thu Jul 3 04:37:05 2003


--Y1L3PTX8QE8cb2T+
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Wed, Jul 02, 2003 at 10:16:04PM -0400, Jason Harris wrote:
> On Wed, Jul 02, 2003 at 08:42:05PM -0400, David Shaw wrote:
>=20
> > I do.  Look for key 0x99242560 on any of the non-broken keyservers
> > (i.e. hkp://subkeys.pgp.net or ldap://keyserver.pgp.com).
> >=20
> > People sometimes have a problem finding it as I use a signing subkey,
> > and most keyservers do not yet support searching by subkey ID.
> >=20
> > Yaron has mentioned he will be adding this to the SKS keyserver at
> > some point, and that will solve this problem once and for all.
>=20
> ldap://pgp.surfnet.nl:11370 gets direct syncs sent in realtime from
> me at keyserver.kjsl.com and sends me nightly incrementals (which when
> merged also get sent to sks.dnsalias.net).  Thus, I consider
> ldap://pgp.surfnet.nl:11370 well-synchronized and heartily recommend using
> it, particularly when searching for subkeys (by long keyid or fingerprint=
).

Yes, both ldap://pgp.surfnet.nl:11370 and ldap://keyserver.pgp.com can
search by subkey, as that is a feature of the LDAP keyserver.
Unfortunately, they can only search by long keyid, something that most
people don't see.  If you use the "keyserver-option auto-key-retrieve"
feature, that will work, but you can't do --recv-keys (subkeyid).

David

--Y1L3PTX8QE8cb2T+
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3rc1 (GNU/Linux)
Comment: Key available at http://www.jabberwocky.com/david/keys.asc

iD8DBQE/A5b44mZch0nhy8kRAikOAJ0QaQOZpvoBWGtrvoQirIgpCj3DBACeN8Cn
9Yrb7sWptMaznULk4N/JbmE=
=my3p
-----END PGP SIGNATURE-----

--Y1L3PTX8QE8cb2T+--