regular update of all keys from a keyserver

Martin T m4rtntns at gmail.com
Tue Oct 18 09:09:53 CEST 2016


Thank you for all the replies!




Martin

On Mon, Oct 17, 2016 at 7:52 PM, Brian Minton <brian at minton.name> wrote:
>
>
> On 10/17/2016 11:41 AM, Daniel Kahn Gillmor wrote:
>> On Mon 2016-10-17 06:31:16 -0400, Martin T wrote:
>>
>>> I am aware that one can update all the keys in local-keyring from a
>>> keyserver using "gpg --refresh-keys". Are there any disadvantages to
>>> simply put this command into user crontab and execute for example once
>>> a day?
>> The only disadvantages are if you don't want to reveal the contents of
>> your keyring to the public keyservers, or to announce your presence on
>> the network.
>>
>> If you prefer to do these things in an anonymized way, you might prefer
>> a tool like parcimonie,
>
> I run a key server, which allows me to do as many key-retrieval queries
> as I like, without giving any information away to the rest of the
> world.  It also helps a little, but not completely, with the problem of
> adding keys to the keyserver network, with respect to my social
> network.  In particular, it's not easy for any keyserver to see which of
> its peers' peers a given key or set of keys, originated from.  However,
> in theory, an attacker could track the progress of a given key across
> the network of keyservers by quick querying, but it's a pretty small
> window between the introduction of keys to a single member of the pool,
> and it being shared to all the keyservers.
>
>
>
>
> _______________________________________________
> Gnupg-users mailing list
> Gnupg-users at gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gnupg-users
>



More information about the Gnupg-users mailing list