Keyserver access changes in GnuPG

Wiktor Kwapisiewicz wiktor at
Wed Dec 12 22:43:49 CET 2018

On 12.12.2018 22:35, Andrew Luke Nesbit wrote:
> My subkeys expired on Monday, 10/12/2018.  I've updated my subkeys with
> a new expiration date (in one year).  I'm considering NOT uploading the
> new public keys to the keyservers.  Rather, I will distribute them using
> other channels, such as downloading from my personal website or sneakernet.
> Should I issue and publish a revocation certificate?  Will this cause
> problems considering that I'm still using the same master key?

I don't think revocation is necessary if the private subkeys are still safe.

It may be just inconvenient for people that want to contact you / verify your
signatures to see your subkeys expired and when they "gpg --refresh-keys" (as
they always do) your key would still be expired with no apparent way of
proceeding. If I saw something like that I'd think the key is abandoned.

If you had HTTPS on your site I'd recommend Web Key Directory as this downloads
keys from your site *and* refreshes expired keys from your site too automatically.

Kind regards,


More information about the Gnupg-users mailing list