On Sat, Jul 27, 2002 at 04:54:27PM -0400, Ryan W. Maple wrote: > > > On Sat, 27 Jul 2002, Duane Dunston wrote: > > > Maybe the link below will help you. > > > > http://www.mit.edu/people/marc/pks/ > > I've used pks and can say it's pretty nice and easy to set up. If you're > using Debian just apt-get install pks. > > If you want to learn more about HKP (the protocol) check out the file > DETAILS in the GnuPG tarball and read the section entitled "Keyserver > Message Format". It's much like HTTP. Yes. Be warned though that pks has some pretty serious bugs in it. The most serious is that pks does not properly handle a key with more than one subkey, and will corrupt it so it cannot be used. Another (less severe) bug is that it does not number the new-style OpenPGP RSA keys properly, and instead uses the old-style PGP 2.x numbering. This means that you will have problems finding your key by keyid, though the key itself is unharmed. I added a workaround for the RSA numbering problem to the latest GnuPG (1.0.7) - when fetching from the keyserver, GnuPG will use both the correct and incorrect keyids to try and ensure it can get your key. I have also added a workaround for the multiple subkey corruption problem, and this will be in GnuPG 1.2 when it is released. This cannot completely repair the damaged key as some crucial data is removed by pks, but it does at least give you back one subkey. If you are using PGP, you will not be able to fetch keys from either of these groups. David -- David Shaw | dshaw@jabberwocky.com | WWW http://www.jabberwocky.com/ +---------------------------------------------------------------------------+ "There are two major products that come out of Berkeley: LSD and UNIX. We don't believe this to be a coincidence." - Jeremy S. Anderson ------------------------------------------------------------------------ To unsubscribe email security-discuss-request@linuxsecurity.com with "unsubscribe" in the subject of the message.
