Excerpts from Luca Capello's message of Wed Aug 18 23:13:24 +0200 2010:
> With this mail, however, I would like to comment on using the HKPS
> keyservers.
>
> The problem with this approach is that you cannot use a round-robin
> server (like keys.gnupg.net, the default if not specified in gpg.conf, or
> subkeys.pgp.net) and relying on a single keyserver can cause problems as
> well if the keyserver is not regularly synced.

At least in theory a round-robin DNS name for all HKPS-enabled key servers would be possible. You just need someone trusted by most users to certify that your server is part of the pool. Most CAs (including CA-Cert) won't issue more than one certificate per name, though. Could this be solved by using monkeysphere?

Gaudenz

--
Ever tried. Ever failed. No matter.
Try again. Fail again. Fail better.
~ Samuel Beckett ~