On Sun, Oct 21, 2007 at 09:45:56PM -0700, Doug Barton wrote: > On Sun, 21 Oct 2007, David Shaw wrote: > > > Or to be more accurate, you DO have a key for encryption, but the > > keyserver isn't storing it. This is a well-known keyserver bug with > > the pksd keyserver software, > > Out of curiosity, what software are the subkeys.pgp.net servers running? > I've had pretty good luck with that pool but I would hate to think I'm not > getting the complete picture. (Not to mention if I ever decide to generate > a key with subkeys ...)
subkeys.pgp.net is running a mix of sks and pksd. The history of pgp keyservers is a little messy, but essentially subkeys.pgp.net means "won't destroy your key with multiple subkeys" and not "stores the complete key and all subkeys". The distinction is crucial. ;) I suspect the reason this hasn't been a bigger problem is that most people have only one subkey, so they never see this. > > but many sites refuse to stop running it, despite this and other bugs. > > If you use a keyerver running sks software, you'll be fine. I believe > > that pool.sks-keyservers.net has only sks servers in its mix. > > Is there a way for us to tell that remotely? One way is to add "--keyserver-options debug" to your command when you hit a keyserver. GPG will print out some information, including a line like: Server: sks_www/1.0.10 Server: pks_www/0.9.6 sks is sks, and pks is pksd. David _______________________________________________ Gnupg-users mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnupg-users
