<<< Date Index >>>     <<< Thread Index >>>

OT: GPG Keyservers (was Re: mutt claiming that gpg signatures aren't verified)



On Fri, Oct 24 2003 at 11:50:06AM BRST, "Stewart V. Wright" 
<svwright+lists@xxxxxxxxxxxxxx> wrote:
> G'day Christoph,
> 
> * Christoph Berg <cb@xxxxxxxxxxxxxxxx> [031024 13:59]:
> > I can't find your key on the keyservers. Could you upload it to
> > wwwkeys.pgp.net or one of the local servers?
> 
> I'm getting slightly sick of this...
> 
>  1) Look at my headers, I use the X-Request-PGP header.

        Perhaps mutt should highlight those by default (or variable-option)?
Of course, people could manually choose to highlight them, but, without some
nagging (or perhaps a friendly suggestion), most won't.

>  2) Use a proper key server. pgp.com and pgp.net suck.  They trash
>     keys.  Try
>       gpg -v --keyserver keyserver.kjsl.com --recv-key 35DB7472

> I'm sorry for appearing grumpy about this, but too many people are
> still using the old, crappy keyservers.  We yell at people for using
> mutt 1.2, so the same applies with the keyservers.

        There's a big sign on the frontpage of the mutt.org website, saying
"Don't use mutt 1.2 or we'll yell at you". However, there's nothing of that
kind on, say, the gnupg website. In fact, a search for "keyserver" there
will lead one to use pgp.{com,net}, from the people on mailing lists.

        To be honest, I didn't even know of sks! I've now switched, it's
also much faster than pgp.net and seems more reliable than keyserver.net,
thanks :)

        Anyway, perhaps someone should nag the gnupg people to be more
explicit about keyservers?



                rbp
-- 
 Rodrigo Bernardo Pimentel                         <rbp@xxxxxxxxxxxx>
 http://isnomore.net                          GPG KeyId: <0x0DB14978>

I'm sorry to bother you, but there was nobody else around for me to bother.