On Tue, 17 Jun 2003 23:42:13 +0200, martin f krafft said:

> an unusable public key. It only seems to work if they use modern
> software and obtain my key from keyserver.kjsl.com:11371 or the

You may also want to use subkeys.pgp.net.  These are servers running
software not eating keys.

> - What is the problem with multiple subkeys?

pksd used to have only a simple hack to support *one* subkey but bo
revocation for them etc.  If they encounter a key with an "unknown"
structre they start to eat packets or swap them around.

Updated pksd versions are much better and won't eat them anymore.
However due to the syncronisation they can't do much about already
garbled keys except for removing invalid parts.

> - Are they in accordance with the RFC (2440)?


> - Are others experiencing these problems, and how do you deal with
>   them?

I have these problems for may years now and as a workaround I use the
X-Request-PGP header to point to a valid source of my key.

> - Is there a solution in the works?

There is a couple of new keyserver software actually in use but not
yet widespread enough.  subkeys.pgp.net is a goog start.

> - If not, has anyone already thought about how to solve this mess?

All keyserver operators should update to the new pksd or even better
use one of the modern servers.



Werner Koch                                      <[EMAIL PROTECTED]>
The GnuPG Experts                                http://g10code.com
Free Software Foundation Europe                  http://fsfeurope.org

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to