"No-Keyserver" (and other) flags on keys

Grant Olson kgo at grant-olson.net
Mon Jun 28 01:00:27 CEST 2010


On 6/27/10 4:27 PM, Dan Mahoney, System Admin wrote:
> On Sun, 27 Jun 2010, David Shaw wrote:
> 
>> On Jun 27, 2010, at 3:58 PM, Dan Mahoney, System Admin wrote:
>>> How difficult would it be to propose some kind of extension flag to
>>> the PGP key format that in essence says "don't publish me to a
>>> keyserver". Note that I'm asking from a technical point of view, not
>>> a social (i.e. making servers support it) or IETF one (insert
>>> bikesheds here).
>>>
>>> My question is: Is it possible to do in such a way that keys would be
>>> backward-compatible?
>>
>> Not only is it possible, it already exists.  GnuPG can even set it and
>> unset it, as you like.
> 
> Really?  Where is it?

I believe it's the "Keyserver no-modify" flag, which is probably already
set on your key.  It says that only the owner of the key should be able
to update or modify the key on the keyserver.

> 
> Also, is it possible for either the manpage or the interactive help to
> include the meaning of the various preferences that are not cipher types?
> 

When you're getting that deep into all things OpenPGP, it's probably
best just to go straight to the RFCs.

http://tools.ietf.org/html/rfc4880#section-5.2.3.17


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 559 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20100627/43f6c65f/attachment.pgp>


More information about the Gnupg-users mailing list