Multiple Keyservers

Stewart V. Wright svwright+lists@amtp.liv.ac.uk
Wed Jun 4 12:14:07 2003


--KsGdsel6WgEHnImy
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

Hi,

I thought I might make a couple of comments as I wrote the script that
Ash is using.

> >I have an automatic script that I call from mutt to automatically
> >retrieve signing keys from a keyserver.
>=20
> Are these the keys you need to verify the current mail? You don't need
> a script for that, GPG can do it for you.

The script sits between your MUA (mutt) and any calls to GnuPG.  All
it does is automatically download any keys you might need to verify a
mail (i.e. GnuPG does the work), but dumps them in a keyring
mutt-pubring.gpg rather than your pubring.gpg.  That way when you want
to clean up some space you can delete mutt-pubring and not lose all of
the important keys in your pubring.



> >Not really sure if searching for keys in this fashion is a good idea. If
> >not, please advise with an explanation.
>=20
> The keyservers are supposed to be share their data. If you don't want
> to query a server with a special customer base, this won't get any
> better results.


This was my understanding ans hence why I didn't put in multiple
keyservers.  I guess the question might come back to the problems with
older keyservers and signatures with multiple subkeys.  As I keep
getting reminded, searching on one (old) keyserver will give you no
luck.  You need the primary KeyID in that case...


Cheers,

S.




--KsGdsel6WgEHnImy
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3-cvs (GNU/Linux)

iH8EARECAD8FAj7dxsc4Gmh0dHA6Ly93d3cubGl2LmFjLnVrL35zdndyaWdodC9z
ZWN1cml0eS9ncGctcG9saWN5Lmh0bWwACgkQaBqfzTXbdHLmzACeIAYbXjVlJtE4
e+HHL+22oiWFaeUAoJOXczEnzJBSJfoJzZGjLp6f3j4h
=KNaw
-----END PGP SIGNATURE-----
Signature policy: http://www.liv.ac.uk/~svwright/security/gpg-policy.html

--KsGdsel6WgEHnImy--