Can't propagate key through public keyservers

Olaf Gellert olaf.gellert at
Mon Oct 30 12:43:55 CET 2006

David SMITH wrote:

> Does anyone have any more details on exactly *what* is "broken" on the
> pks keyservers?  I'm going to have to convince our IT department that it's
> the keyserver that's broken, and not my key (since no-one else has the
> problem, as they all use single subkeys), and I think it's going to be
> an uphill struggle to persuade them to install a brand new keyserver
> rather than just tell me to create a new set of keys.

To my knowledge on outdated versions of PKS a key is
mangled completely if a new subkey arrives. On recent
PKS servers, a new subkey is simply not stored (so
the old subkey stays there and the complete key stays
intact, only the new subkey is missing).

The word has it that there was one single patched
PKS that could handle multiple subkeys, but the
patch was never published.

You might convince your IT-department at least when
someone else has to add a new subkey. So just sit
and wait and you will get better (or more) arguments...

No, to be honest: SKS keyservers work for all recent
key formats of PGP/GnuPG, so that's a solution...

Regards, Olaf


Dipl.Inform. Olaf Gellert                   INTRUSION-LAB.NET
Senior Researcher,            
PKI - and IDS - Services        olaf.gellert at

More information about the Gnupg-users mailing list