a Question about Key Servers

Daniel Kahn Gillmor dkg at fifthhorseman.net
Thu Aug 25 15:36:50 CEST 2011


On 08/25/2011 09:00 AM, Robert J. Hansen wrote:
> On 8/25/11 8:27 AM, Daniel Kahn Gillmor wrote:
>> This sort of situation is one which a better toolset could automate.
> 
> It would seem the proper place for this is to leverage existing system
> automation tools, not inventing something new.
> 
> proverbs:~ rjh$ crontab -l
> 30  2  *  *  *  gpg --refresh-keys >/dev/null 2&>1
> 
> You can do equivalent things on Windows with Task Scheduler.

Yes, i do this myself, but with a large keyring, a full --refresh-keys
takes ages and thrashes my machine.  Also, some people may care that
requesting a specific set of keys from a single keyserver providing a
way for that keyserver to track them.

Having gpg (or some other tool) keep track of when it last updated a
given key (and when the key is about to expire) and choose smart times
to do updates against a configured pool of keyservers would be a nice thing.

Folks interested in this topic may also be interested in parcimonie,
which is under active recent development:

 https://gaffer.ptitcanardnoir.org/intrigeri/code/parcimonie/

	--dkg

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 1030 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20110825/32dbf582/attachment-0001.pgp>


More information about the Gnupg-users mailing list