Generic question: replication/sync between key servers, how long until published?

michaelof at rocketmail.com michaelof at rocketmail.com
Fri Feb 19 14:13:46 CET 2021


Am 19.02.21 um 13:10 schrieb Andrew Gallagher via Gnupg-users:
> On 19/02/2021 11:06, michaelof--- via Gnupg-users wrote:
>> Hi all,
>>
>> published a revocation cert for a very long used old 1024 bit key plus a newly created 4096 bit key to http://keys.gnupg.net/. Visible after some minutes.
>> Now, four days later, both keys are still not visible on e.g. https://pgp.ocf.berkeley.edu
>>
>> Is this usually taking that long, or is something broken?
> 
> keys.gnupg.net doesn't exist (tested from several locations):
> 
> ```
> Host keys.gnupg.net not found: 3(NXDOMAIN)
> ```
> 
> These days, it's probably safest to publish your key to as many keyservers as you can. If they sync eventually, great. But the sync process is nowhere near as reliable as it used to be, and probably shouldn't be depended upon.
> 
> 

Thanks, Andrew, will follow your suggestion and upload to as many key servers as I'll find :)

No idea why you've got the NXDOMAIN answer for keys.gnupg.net, but it seems that it been offline today, maybe that's why. Now it's online, again, and you are getting DNS feedback:

$ host keys.gnupg.net
keys.gnupg.net is an alias for hkps.pool.sks-keyservers.net.
hkps.pool.sks-keyservers.net has address 209.244.105.201

I've used usually pgp.mit.edu, but it's very slow, currently but for a while now. 







More information about the Gnupg-users mailing list