what is "correct" for users' Preferred keyserver ?

David Shaw dshaw at jabberwocky.com
Thu Aug 14 13:47:36 CEST 2014

On Aug 14, 2014, at 1:08 AM, Doug Barton <dougb at dougbarton.us> wrote:

> On 08/12/2014 11:27 PM, shmick at riseup.net wrote:
>> i've seen a multitude of ways people input data into this pref
>> for example, some people put a link to their public key .asc or .txt file
>> some others put a link to an actual keyserver
>> from the name of the actual pref, it states a keyserver, so shouldn't
>> users input a link to their Preferred keyserver and not a link to
>> download a public key or txt file ?
> Please don't use this option, or encourage its use. It leads to the trap described here:
> https://dougbarton.us/PGP/stale-keyserver-url.html
> which most users (even those few who update their keyrings) cannot figure out how to escape.

Perhaps the problem here is not the option, but the behavior on failure.  If querying the preferred keyserver does not return a response during a refresh (for whatever reason), maybe GPG should continue on and try to get the key from the standard --keyserver location.

After all, it's a "preferred" keyserver.  Not an "exclusive" keyserver.


More information about the Gnupg-users mailing list