Questions about OpenPGP best practices

Werner Koch wk at gnupg.org
Tue Feb 26 10:01:41 CET 2013


On Tue, 26 Feb 2013 08:52, niels at dest-unreach.be said:

> It does work from time to time, so when doing a manual --recv-key, I
> usually get the key within a few tries. But when using e.g. caff (which

The problem is that this is a pool of servers and you don't know which
one you are currently using.  Thus it is only as reliable as the least
reliable server in the pool.

GnuPG 2.1 uses the Dirmngr to access the keyservers and being a daemon
it is statefull and tracks which servers are reliable.  Well, that is
the plan and most code is there.  However, it is not yet complete or
sufficiently debugged.

> And while pgp.mit.edu might not be the best keyserver, it works... (from
> my experience at least).

gpg.mit.edu is running SKS for quite some time now; thus I don't think
that there is any reason to not use it.  Except that if everyone is
using this server it will turn slow again.  Thus the advise not to use
it might in the end be a Good Suggestion.


Salam-Shalom,

   Werner

-- 
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.




More information about the Gnupg-users mailing list