Can't propagate key through public keyservers
Olaf Gellert
olaf.gellert at intrusion-lab.net
Mon Oct 30 12:43:55 CET 2006
David SMITH wrote:
> Does anyone have any more details on exactly *what* is "broken" on the
> pks keyservers? I'm going to have to convince our IT department that it's
> the keyserver that's broken, and not my key (since no-one else has the
> problem, as they all use single subkeys), and I think it's going to be
> an uphill struggle to persuade them to install a brand new keyserver
> rather than just tell me to create a new set of keys.
To my knowledge on outdated versions of PKS a key is
mangled completely if a new subkey arrives. On recent
PKS servers, a new subkey is simply not stored (so
the old subkey stays there and the complete key stays
intact, only the new subkey is missing).
The word has it that there was one single patched
PKS that could handle multiple subkeys, but the
patch was never published.
You might convince your IT-department at least when
someone else has to add a new subkey. So just sit
and wait and you will get better (or more) arguments...
;-)
No, to be honest: SKS keyservers work for all recent
key formats of PGP/GnuPG, so that's a solution...
Regards, Olaf
--
Dipl.Inform. Olaf Gellert INTRUSION-LAB.NET
Senior Researcher, www.intrusion-lab.net
PKI - and IDS - Services olaf.gellert at intrusion-lab.net
More information about the Gnupg-users
mailing list