PGP global directory cruft in keyservers

David Shaw dshaw at
Wed Sep 7 18:21:53 CEST 2005

On Wed, Sep 07, 2005 at 07:47:12PM +0930, Alphax wrote:
> David Shaw wrote:
> > On Tue, Sep 06, 2005 at 01:36:37PM -0500, John Clizbe wrote:
> > 
> >>Kurt Fitzner wrote:
> >>
> <snip>
> >>gpg --edit-key <keyID> clean
> >>
> >>And setting the clean-sigs and clean-uids options on import-options,
> >>export-options, and keyserver-options are our only defense until then.
> >>
> >>Like you, I refreshed from a SKS server and found 120 new sigs on my key,
> >>ALL PGP Universal Keyserver.
> > 
> > 
> > To my knowledge, the PGP GD doesn't sync with anyone.  It would be
> > interesting to know how/where these signatures are leaking into the
> > keyserver net.
> > 
> Probably some PGP users who are "automagically" synchronising their
> entire keyrings with multiple keyservers, leaking keys that their owners
> would rather not have on the keyservers in the process :(

I'm not terribly familiar with the PGP 9 product, but does it even
have a feature to do this?  I seem to recall some notion of uploading
changes to your own key, or changes to keys that you have signed, but
not a way to upload changes to a whole keyring.

It seems like an odd feature for a program to have.


More information about the Gnupg-users mailing list