On Jun 12, 2009, at 12:54 AM, John W. Moore III wrote:
Daniel Kahn Gillmor wrote:
Are there other proposed ways one could implement a keyserver which
respects the intent of keyserver no-modify?
Rather than attempt to introduce this much complexity into the
Keyserver
system [an impossibility] if such a scheme must be implemented then
simply introduce into the Key Generation Wizard the --keyserver
command
and then have the individual specify where they desire their Key to be
retrieved from. [Big Lumber, Personal Web page, etc.] Of course this
pre-supposes that all other Users have the --honor-keyserver-url
preference specified in gpg.conf or their Options file. [possibly
excluding PGP & other OpenPGP implementations] :-\
Note that "honor-keyserver-url" is enabled by default in GPG, and has
been enabled by default since preferred keyserver URL support was
added back in 2004. It's possible someone has turned it off, but this
would be the exception, not the rule.
PGP supports preferred keyservers as well, and as far as I know, they
work more or less the same way they do in GPG: when refreshing a key
with a preferred keyserver set, that keyserver is used.
Preferred keyserver URLs don't really address the "find me a key"
problem. They only address the "keep the key I've already found up to
date" problem.
David