> -----Original Message----- > From: John A. Wallace [mailto:[email protected]] > Sent: Friday, November 18, 2011 9:08 PM > To: '[email protected]' > Subject: keys.gnupg.net > > Hello. In my web browser I am looking at the url of keys.gnupg.net, > which has the following title on top of its page: SKS OpenPGP > [email protected]. This site allows me to check or > submit public keys. On that page there are some instructions in a > section called "Access", and it states: > > To use this server directly via HKP add this to your .PGP keyserver > list: > > x-hkp://zimmermann.mayfirst.org > http://zimmermann.mayfirst.org:11371 > > For users of GnuPG, add the following to ~/.gnupg/gpg.conf: > > keyserver hkp://zimmermann.mayfirst.org > > > Now when I went to look at the site noted above (i.e., > http://zimmermann.mayfirst.org), it appears to be exactly the same as > the first page, the one with a url of "keys.gnupg.net". So, is this an > officialy sanctioned site by gnupg, one which is simply redirected? > > Secondly, regarding the instructions, already in my gpg.conf file I > have this line: "keyserver hkp://keys.gnupg.net"; so, would there be > any point in changing it? > > More importantly, in the same instructions it states this: > > "This server is also available secured by TLS (via hkps).... You > can use HKPS by dropping the May First/People Link Certificate > Authority's certificate into ~/.gnupg/mfpl.crt, and then adding the > following lines to ~/.gnupg/gpg.conf: > > keyserver hkps://zimmermann.mayfirst.org > keyserver-options ca-cert-file=/home/YOURNAME/.gnupg/mfpl.crt" > > Therefore, if this is in fact an officially sanctioned site, I should > prefer to have this latter option for use as it supports encrypted key > transfer processes. I am assuming that there should be only one entry > for the "keyserver" name option although the online instructions do not > explicitly state so? Thanks. > > John In addition, it seems to imply to me from the instructions online at http://www.gnupg.org/documentation/manuals/gnupg-devel/GPG-Configuration-Opt ions.html, that I could in fact use more than one "keyserver 'name'" option in my 'gpg.conf' file; and that I could use different options for different keyservers. At least that is how I understand these instructions:
" After the keyserver name, optional keyserver configuration options may be provided. These are the same as the global --keyserver-options from below, but apply only to this particular keyserver." Or is this instruction referring only to different options for different "types" (e.g., hkp, ldap or mailto) of keyservers? I mean, if I am interpreting it right, I could, theoretically, use these lines in gpg.conf: keyserver hkp://keys.gnupg.net keyserver hkps://zimmermann.mayfirst.org ca-cert-file=<path to gnupghome>\mfpl.crt keyserver-options verbose Thanks. John _______________________________________________ Gnupg-users mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnupg-users
