Which keyserver

Phil Pennock gnupg-users at spodhuis.org
Fri Sep 18 00:13:03 CEST 2020


On 2020-09-17 at 22:57 +0200, Martin wrote:
> Which keyserver do you recommend these days?

For what purpose?

For receiving updates to previously known keys, of people who care
enough about their keys to distribute their keys across multiple
keyservers instead of just going "I pushed it to the keyservers, that's
it, I don't care", hkps://keys.openpgp.org is probably the most
reasonable choice.

There's no choice for general purpose, and  "running a keysigning party"
or "finding someone's key from their fingerprint" which works well
today.  If publishing keys, I do recommend setting up WKD for your
domain, which helps a little.  And heck, I run a finger daemon written
in Go for a true blast from the past.  :)

<hkp://the.earth.li> is in the UK, run from the same University bunch of
folks as gave us PuTTY and has been around receiving keys from the SKS
keyservers via email for ages, so tends to be "fairly well populated",
so is where I try next after openpgp.org.

After that I hit old SKS keyservers which usually seem to work, whether
or not these entries are in the pools and _current_, since they'll at
least get me some of a key; the pool hostnames haven't been worth trying
the last several times I checked, too many bad servers.

  hkps://keyserver.ubuntu.com
  hkps://zimmermann.mayfirst.org
  hkp://keys2.kfwebs.net
  hkps://pgp.mit.edu

The kfwebs and pgp.mit.edu servers appear to not be working right now,
which leaves us with Ubuntu's and Dan Gillmor's (DKG's) mayfirst.org
server.

You can still look over https://sks-keyservers.net/status/ to see if
there are any working there, if the pool hostnames are broken for you at
the time you check.  The status list for the servers not in the pools
will show you how far "behind" they are.

-Phil



More information about the Gnupg-users mailing list