On Tue, 2003-01-14 at 15:52, John Goerzen wrote:
>
> So, I have two questions:
> 1. Did keyring.debian.org register my key update?
No.
> 2. Why does the recv-keys not work from keyring.debian.org?
Currently, almost all pksd keyservers are broken for keys with more than
one subkey. What happens is along the lines of:
Original key =
primary
... userids and signatures ...
subkey
binding signature
subkey
binding sig
gets converted to
primary
...
subkey
subkey
binding sig of the first subkey
Which means that the first subkey must not be used now because it could
be faked. The other subkey cannot be imported by older gpg (and probably
all pgp) versions (starting with 1.2.? there's a workaround that will
repair the key so that at least one subkey can be used).
keyserver.kjsl.com and a few others have been fixed. The patch will
hopefully go into pksd 0.9.6, but I can't tell you when that might
happen (JHarris is the relevant person here).
HTH
-- vbi
--
Yevtushenko has... an ego that can crack crystal at a distance of twenty feet.
-- John Cheever
Attachment:
signature.asc
Description: This is a digitally signed message part