public inbox for gentoo-dev@lists.gentoo.org
 help / color / mirror / Atom feed
* [gentoo-dev] From GWN: GnuPG keyservers
@ 2003-01-22  8:07 Joseph Carter
  2003-01-22 19:39 ` J Robert Ray
  0 siblings, 1 reply; 5+ messages in thread
From: Joseph Carter @ 2003-01-22  8:07 UTC (permalink / raw
  To: gentoo-dev

[-- Attachment #1: Type: text/plain, Size: 1137 bytes --]

Please note that wwwkeys.pgp.net has the HKP protocol bug.  That is to say
that the keyserver will irrevocably hose certain GnuPG keys, those having
multiple subkeys.

There is no fix.  There is no way to make a corrupted key work again.
GnuPG versions greater than 1.0.6 will attempt to make the corrupted keys
usable again, but it can only go so far.


The ONLY fix for this problem seems to be use of a non-broken key server
protocol.  GnuPG supports one, LDAP, but this support is currently
optional and not enabled by default, so most people can't use it.  To fix
this, re-merge app-crypt/gnupg with ldap in your USE flags.

Highly recommend that LDAP become non-optional for GnuPG since bascially
ALL HKP servers corrupt valid keys, the email servers don't support
OpenPGP, and the LDAP servers happen to actually work right, amazingly
enough.

The most common LDAP server, at the moment, is ldap://keyserver.pgp.com.

-- 
Joseph Carter <knghtbrd@efn.org>                        Random sig du jour
 
<Mercury> LordHavoc: I'm already insane.
<Coderjoe> damn straight. or curvy, crooked, or what have you


[-- Attachment #2: Type: application/pgp-signature, Size: 253 bytes --]

^ permalink raw reply	[flat|nested] 5+ messages in thread

end of thread, other threads:[~2003-01-23  2:15 UTC | newest]

Thread overview: 5+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2003-01-22  8:07 [gentoo-dev] From GWN: GnuPG keyservers Joseph Carter
2003-01-22 19:39 ` J Robert Ray
2003-01-22 19:56   ` Paul de Vrieze
2003-01-22 19:57   ` Matthew Walker
2003-01-23  2:10   ` Max Kalika

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox