Global Directory signatures (was Re: GPG wants to check trustdb every day)

Jason Harris jharris at
Thu Dec 30 05:35:12 CET 2004

On Wed, Dec 29, 2004 at 08:44:43PM -0500, David Shaw wrote:

> I rather like the notion of GPG keeping GPG clean, the keyservers
> keeping the keyservers clean, and so on.  So long as people aren't
> actively bridging keys between the GD and the keyserver net (which
> seems to be happening in my case, though I have no idea why someone
> would bother), this should be okay.

Good luck.  Each person who signed 0xCA57AD7C and uploaded their
signature for others to use:

probably disagrees, unless is now secretly
infiltrating its keys into the regular public keyserver network.

Besides, using only isn't feasible if you care about
signatures from keys not registered with it.  This is because it now
implements "weak no-modify" in addition to being unsynchronized, whereas
in the past it was only because it stopped synchronizing with other

If signatures from 0xCA57AD7C were issued when a key is first verified
by GD and set to expire yearly (a la RobotCA), there wouldn't be a problem.

Jason Harris           |  NIC:  JH329, PGP:  This _is_ PGP-signed, isn't it?
jharris at _|_ web:
          Got photons?   (TM), (C) 2004
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 309 bytes
Desc: not available
Url : /pipermail/attachments/20041229/1c52d17b/attachment.bin

More information about the Gnupg-users mailing list