Can't propagate key through public keyservers

David SMITH dave.smith at
Mon Oct 30 10:42:20 CET 2006

On Fri, Oct 27, 2006 at 07:26:24PM +0200, Werner Koch wrote:
> On Fri, 27 Oct 2006 16:10, David SMITH said:
> > I'm having some problems with my GnuPG-generated key.  I have one
> > primary DSA for signing (which does not expire), and then every 6 months
> > I generate a new El-Gamal encryption key (which expires after 6 months).
> That is fine.  Many folks do it like this.

I thought so. :-)

> > Now, when I upload my public key to a keyserver it all appears to go OK,
> > but when someone else then tries to download my key, the sub-key is
> > missing/doesn't work.
> You are using an old and proken keyserver.  The pks keyservers are
> known to not work correct with several subkeys.  You better replace
> them by a modern implementation like SKS or ONAK.

I suspected as much.  I was just a bit surprised, as I've propagated my key
through public keyservers before, and never come across this problem.
I guess it must not like my new subkeys.

Thanks (to you and the others) for the suggestions on which keyservers to
try; I'll try them when I get home (as we have a rather restrictive
firewall here at work).

Does anyone have any more details on exactly *what* is "broken" on the
pks keyservers?  I'm going to have to convince our IT department that it's
the keyserver that's broken, and not my key (since no-one else has the
problem, as they all use single subkeys), and I think it's going to be
an uphill struggle to persuade them to install a brand new keyserver
rather than just tell me to create a new set of keys.


David Smith        | Tel: +44 (0)1454 462380    Home: +44 (0)1454 616963
STMicroelectronics | Fax: +44 (0)1454 462305  Mobile: +44 (0)7932 642724
1000 Aztec West    | TINA: 065 2380          GPG Key: 0xF13192F2
Almondsbury        | Work Email: Dave.Smith at
BRISTOL, BS32 4SQ  | Home Email: David.Smith at

More information about the Gnupg-users mailing list