[ale] gnupg signatures

Ken Kennedy kkennedy at kenzoid.com
Wed Jan 23 23:18:06 EST 2002


On Thu, Jan 24, 2002 at 03:23:08AM -0000, Greg Sabino Mullane wrote:
> 
> > I have recieved quite a few signed messages via the list.  
> > certserver.pgp.com however does not have the keys of those 
> > signing messages.  Do I need to use a different keyserver or 
> > is there a key ring for ale?
> 
> Neither. All the keyservers (in theory) propogate out all 
> the keys to each other, so if you add it to one, it will 
> eventually end up on all. As far as I know, ALE does not 
> maintain its own keyring.
> 
 ...

> I suspect the problem is the way you are searching for the 
> keys, as the keyservers can be quite picky. The best way is 
> to use the 8 character hexadecimal key signature, which is 
> really just the last 8 characters of the key's unique 
> fingerprint (see the headers of my emails for mine).

While true, I don't think this is the whole problem. I have the same
problems with missing keys sometimes, and (like Allan, according to
his X-Mailer header) I use Mutt as my MUA, which automatically tries
to get required keys as needed. It worked fine with yours, but not
with Allan's! After double-checking manually for his (kinda ironic to
read an email about signed messages with unavailable keys, signed by
an unavailable key! *grin*), I'm wondering if people aren't sending
them to the keyservers...it isn't automatic with gpg.

To do so:

gpg --send-keys --keyserver keyserver.pgp.com 0x6CCCBBE2

(Replace 0x6CCCBBE2 with your own Key ID)

That'll get that sucker up into the keyserver at pgp.com, which
(should, in theory) mirror it about.

A good idea is to go check one's OWN key at one of the site's Greg
listed, to make sure you've remembered to a) send it in, and b) send
in an updated version whenever you get new signatures on it. 

Later!

Ken

 PGP signature




More information about the Ale mailing list