Multiple Keyservers

Stewart V. Wright
Wed Jun 4 12:14:07 2003

Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable


I thought I might make a couple of comments as I wrote the script that
Ash is using.

> >I have an automatic script that I call from mutt to automatically
> >retrieve signing keys from a keyserver.
> Are these the keys you need to verify the current mail? You don't need
> a script for that, GPG can do it for you.

The script sits between your MUA (mutt) and any calls to GnuPG.  All
it does is automatically download any keys you might need to verify a
mail (i.e. GnuPG does the work), but dumps them in a keyring
mutt-pubring.gpg rather than your pubring.gpg.  That way when you want
to clean up some space you can delete mutt-pubring and not lose all of
the important keys in your pubring.

> >Not really sure if searching for keys in this fashion is a good idea. If
> >not, please advise with an explanation.
> The keyservers are supposed to be share their data. If you don't want
> to query a server with a special customer base, this won't get any
> better results.

This was my understanding ans hence why I didn't put in multiple
keyservers.  I guess the question might come back to the problems with
older keyservers and signatures with multiple subkeys.  As I keep
getting reminded, searching on one (old) keyserver will give you no
luck.  You need the primary KeyID in that case...



Content-Type: application/pgp-signature
Content-Disposition: inline

Version: GnuPG v1.2.3-cvs (GNU/Linux)

Signature policy: