On Thu, 11 Jan 2024 at 14:47, James Bottomley <James.Bottomley@xxxxxxxxxxxxxxxxxxxxx> wrote: > > Well, I did already tell you that I bypass the pgp keyservers because I > use a DNSSEC based DANE entry instead: > > https://lore.kernel.org/all/1564171685.9950.14.camel@xxxxxxxxxxxxxxxxxxxxx/ I think I dimly remember seeing that email. But honestly, that just reinforces my point: this is yet ANOTHER magical thing you have to know about gpg, and that nobody buy you use. So if you insist on using these things that are obscure, you need to keep reminding people. Every time your keys are close to expiry, send out an email saying "To update my key, use this magical command line". If gpg did that auto-locate automatically, and it all JustWorked(tm), it would be one thing. But that is clearly against the design principles of pgp and gpg. Linus
