On Tue, Oct 25, 2005 at 11:49:12AM -0700, Doug Barton wrote: > > I got this when I retrieved the PGP GD key via hkp. > > REmoving this key from my keyring was enough to suppress those > > messages. > > I had a similar problem with the version of the key that I received from > hkp. I downloaded the key from http://keyserver.pgp.com/ and imported it by > hand, and didn't have these problems any more.
Yes. The PGP GD key that's on the HKP network is riddled with garbage. Getting it from ldap://keyserver.pgp.com (or manually via HTTP as you did) is the right thing to do. It actually revealing interesting key use data: the copy on keyserver.pgp.com is the "real" copy, with only the signatures that the PGP company put there. The copy on the HKP net has a few hundred other signatures... some, no doubt, in error. You could probably regard most of the difference between the two sets as people who didn't use local signatures, but should have. Judging by the number of signature revocations attached to that key, some people did realize their error, but too late. David _______________________________________________ Gnupg-users mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnupg-users
