Duplicated self-signatures on keyservers
Jason Harris
jharris@widomaker.com
Fri May 16 20:12:02 2003
--AH+kv8CCoFf6qPuz
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
On Fri, May 16, 2003 at 02:31:57PM +0200, Manuel Samper wrote:
> I recently created a keypair (fffd5da0), and sent it to public
> keyservers. Later, I modified the preferences on their user ids (gpg
> --edit-key, setpref and updpref), and sent it again to keyserves. Now,
> when I search my key, I see now two self-signatures:=20
> http://keyserver.kjsl.com:11371/pks/lookup?op=3Dvindex&search=3D0xfffd5da0
keyserver.kjsl.com and newer pks keyservers (I think my keyserver list
is current enough to show them all, see my website), as well as the LDAP
and SKS (http://sks.sf.net/), and perhaps OKS (keyserver.net), keyservers
store all versions of all signatures.
> AFAIK, keyservers merge up everything and don't remove anything, and the
Older pks keyservers keep only the most recent signature.
> Not worried specially about it, just imagining the case of a key bloated
> with a bunch of self-signatures... but in that case, it's better to
> fetch it directly from their owner and not from the keyservers, I think.
Use the older pks servers then, until you find a key with a bad selfsig
and want to see what other selfsigs are available on the keyservers that
keep all signatures.
--=20
Jason Harris | NIC: JH329, PGP: This _is_ PGP-signed, isn't it?
jharris@widomaker.com | web: http://jharris.cjb.net/
--AH+kv8CCoFf6qPuz
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (FreeBSD)
iD8DBQE+xSnNSypIl9OdoOMRAohdAKDXDnAaJGvAyVpcFVuUv8HV6CYI3wCgstBc
46uDoLj24QNMuSBTYPfoNww=
=sUK1
-----END PGP SIGNATURE-----
--AH+kv8CCoFf6qPuz--