keys.gnupg.net
John A. Wallace
jw72253 at verizon.net
Sat Nov 19 04:07:32 CET 2011
Hello. In my web browser I am looking at the url of keys.gnupg.net, which
has the following title on top of its page: SKS OpenPGP
Keyserver at zimmermann.mayfirst.org. This site allows me to check or submit
public keys. On that page there are some instructions in a section called
"Access", and it states:
To use this server directly via HKP add this to your .PGP keyserver list:
x-hkp://zimmermann.mayfirst.org
http://zimmermann.mayfirst.org:11371
For users of GnuPG, add the following to ~/.gnupg/gpg.conf:
keyserver hkp://zimmermann.mayfirst.org
Now when I went to look at the site noted above (i.e.,
http://zimmermann.mayfirst.org), it appears to be exactly the same as the
first page, the one with a url of "keys.gnupg.net". So, is this an
officialy sanctioned site by gnupg, one which is simply redirected?
Secondly, regarding the instructions, already in my gpg.conf file I have
this line: "keyserver hkp://keys.gnupg.net"; so, would there be any point in
changing it?
More importantly, in the same instructions it states this:
"This server is also available secured by TLS (via hkps).... You can
use HKPS by dropping the May First/People Link Certificate Authority's
certificate into ~/.gnupg/mfpl.crt, and then adding the following
lines to ~/.gnupg/gpg.conf:
keyserver hkps://zimmermann.mayfirst.org
keyserver-options ca-cert-file=/home/YOURNAME/.gnupg/mfpl.crt"
Therefore, if this is in fact an officially sanctioned site, I should prefer
to have this latter option for use as it supports encrypted key transfer
processes. I am assuming that there should be only one entry for the
"keyserver" name option although the online instructions do not explicitly
state so? Thanks.
John
More information about the Gnupg-users
mailing list