PGP global directory cruft in keyservers

Alphax alphasigmax at
Wed Sep 7 12:17:12 CEST 2005

David Shaw wrote:
> On Tue, Sep 06, 2005 at 01:36:37PM -0500, John Clizbe wrote:
>>Kurt Fitzner wrote:
>>gpg --edit-key <keyID> clean
>>And setting the clean-sigs and clean-uids options on import-options,
>>export-options, and keyserver-options are our only defense until then.
>>Like you, I refreshed from a SKS server and found 120 new sigs on my key,
>>ALL PGP Universal Keyserver.
> To my knowledge, the PGP GD doesn't sync with anyone.  It would be
> interesting to know how/where these signatures are leaking into the
> keyserver net.

Probably some PGP users who are "automagically" synchronising their
entire keyrings with multiple keyservers, leaking keys that their owners
would rather not have on the keyservers in the process :(

Alphax                      |   /"\
Encrypted Email Preferred   |   \ /     ASCII Ribbon Campaign
OpenPGP key ID: 0xF874C613  |    X   Against HTML email & vCards    |   / \

More information about the Gnupg-users mailing list