RFE: --update-before-use

Robert J. Hansen rjh at sixdemonbag.org
Thu Jun 14 22:34:42 CEST 2012

> 1) If the keyserver (of whatever type) isn't reachable...

As you say, easy to solve: agreed.

> 2) Concern that enough people turning this feature on would add
> significant load to the keyserver network...

An open question and one we'd need to address: agreed.

> 3) It leaks information more than auto-key-retrieve or
> auto-key-locate does.

I'm not entirely sure this is a problem.  If you're concerned about the
keyserver operator knowing that you're acquiring certificates, why would
you use that keyserver?  Why not use a different keyserver instead?  If
there were a single centralized keyserver, or a keyserver hierarchy
where individual nodes took marching orders from those above them, this
would be much more of a problem -- but here, the decentralized nature of
the keyserver network seems to work in our favor.

More information about the Gnupg-users mailing list