regular update of all keys from a keyserver
m4rtntns at gmail.com
Tue Oct 18 09:09:53 CEST 2016
Thank you for all the replies!
On Mon, Oct 17, 2016 at 7:52 PM, Brian Minton <brian at minton.name> wrote:
> On 10/17/2016 11:41 AM, Daniel Kahn Gillmor wrote:
>> On Mon 2016-10-17 06:31:16 -0400, Martin T wrote:
>>> I am aware that one can update all the keys in local-keyring from a
>>> keyserver using "gpg --refresh-keys". Are there any disadvantages to
>>> simply put this command into user crontab and execute for example once
>>> a day?
>> The only disadvantages are if you don't want to reveal the contents of
>> your keyring to the public keyservers, or to announce your presence on
>> the network.
>> If you prefer to do these things in an anonymized way, you might prefer
>> a tool like parcimonie,
> I run a key server, which allows me to do as many key-retrieval queries
> as I like, without giving any information away to the rest of the
> world. It also helps a little, but not completely, with the problem of
> adding keys to the keyserver network, with respect to my social
> network. In particular, it's not easy for any keyserver to see which of
> its peers' peers a given key or set of keys, originated from. However,
> in theory, an attacker could track the progress of a given key across
> the network of keyservers by quick querying, but it's a pretty small
> window between the introduction of keys to a single member of the pool,
> and it being shared to all the keyservers.
> Gnupg-users mailing list
> Gnupg-users at gnupg.org
More information about the Gnupg-users