I'm not blocking the release on this, but as a general topic, I was trying to verify gpg sigs on the latest daffodil RC.
I was not able to verify gpg signatures without manually importing josh's key from keys.openpgp.org. I was able to sign josh's key and push that to the keys.openpgp.org keyserver. But I'm told openpgp.org strips away signatures from keys. Nor have I been able to pull his public key from pgp.mit.edu nor keyserver.ubuntu.com.

So I asked OpenGPT4o about this keyserver situation. Here's what it said:

**Q:** Do these various keyservers eventually synchronize with each other?

**A:** In the past, most **OpenPGP keyservers** were part of a distributed network called the **SKS Keyserver Network**. These keyservers (such as `pgp.mit.edu` and `keyserver.ubuntu.com`) would synchronize with each other, meaning that once you uploaded a key or signature to one keyserver, it would eventually propagate to the others. However, as of recent years, the situation has changed significantly:

### **Current Keyserver Landscape:**

1. **SKS Keyserver Network (Decommissioned/Deprecated):** The SKS keyserver network suffered from scalability and abuse issues (e.g., spamming keys with garbage data). Many keyservers, including popular ones like `pgp.mit.edu`, still exist but may not fully sync or could be unreliable.

   (MikeB: yes, pgp.mit.edu appears to be not working. It serves a web page, but queries get a proxy error, as do attempts to query via their email interface.)

2. **keys.openpgp.org (Modern Keyserver):**
   - **Does not synchronize** with other keyservers.
   - Focuses on privacy and user consent. It only distributes keys if the key owner has verified their email.
   - **Does not store or share third-party signatures**—you can only see the primary key and the verified email identity.

3. **Ubuntu Keyserver (hkps://keyserver.ubuntu.com):**
   - This is a commonly used keyserver that still supports third-party signatures.
   - It functions independently and does not synchronize with `keys.openpgp.org`.
### **In Summary:**

- Keyservers like `keys.openpgp.org` and `keyserver.ubuntu.com` do not synchronize with each other.
- If you want to share a signed key, you need to choose an appropriate keyserver (like Ubuntu's keyserver) or distribute the signed key manually.
- If your primary concern is that others see your signature, consider advising them to use a keyserver that supports third-party signatures or send them the signed key directly.

Based on that pessimistic assessment, I asked Google Gemini "Is the PGP Web of Trust Broken?". Here is its reply:

Yes, many experts consider the PGP Web of Trust to be largely "broken" due to issues with keyservers, particularly the ability for malicious actors to easily flood the system with fake key signatures, rendering the trust verification process unreliable; this has led to concerns about the integrity of the Web of Trust model in practice. [1, 2, 3, 4, 5]

Key points about this issue: [1, 2, 3]

• Keyserver attacks: Malicious actors can easily upload large numbers of fake key signatures to keyservers, making it difficult to distinguish legitimate keys from fraudulent ones. [1, 2, 3]
• Spamming issue: This "key spamming" can overwhelm users with untrusted signatures, significantly reducing the effectiveness of the Web of Trust. [1, 2, 3]
• Impact on trust verification: Due to the difficulty of verifying signatures on keyservers, users may have trouble confidently trusting a key, even if it appears to be signed by other trusted individuals. [1, 2, 4]

Alternatives and considerations: [5, 6, 7]

• Manual key verification: To mitigate this issue, some users rely heavily on manual key verification processes, where they directly exchange keys with individuals they trust and carefully review the signatures. [5, 6, 7]
• Key signing parties: Organizing key signing parties where individuals physically meet to verify each other's identities and sign keys can be a more secure method. [5, 8]
• Emerging solutions: Some platforms like Keybase are attempting to address the Web of Trust limitations by providing additional verification mechanisms and user identity checks. [1, 9]

Generative AI is experimental.

[1] https://crypto.stackexchange.com/questions/80629/what-is-the-pgp-web-of-trust-strongset
[2] https://inversegravity.net/2019/web-of-trust-dead/
[3] https://www.reddit.com/r/GnuPG/comments/l64rhj/are_services_like_protonmail_damaging_the_web_of/
[4] https://mailbox.org/en/post/the-keyserver-is-dead-long-live-the-keyserver
[5] https://www.latacora.com/blog/2019/07/16/the-pgp-problem/
[6] https://www.linuxfoundation.org/blog/blog/pgp-web-of-trust-delegated-trust-and-keyservers
[7] https://www.giac.org/paper/gsec/625/trust-model-pgp-x509-standard-pki/101441
[8] https://medium.com/@bblfish/what-are-the-failings-of-pgp-web-of-trust-958e1f62e5b7
[9] https://www.reddit.com/r/GnuPG/comments/wtd1ht/is_gpg_getting_too_old/

Based on this, I'm pretty pessimistic that PGP Web of Trust is worth a damn any more. Openpgp.org doesn't even distribute signatures on keys. They strip them off. Without a trusted backbone of non-spammable PGP key servers, these pgp code signing keys well.... people will have to just download the KEYS file from github, but "web" of trust it is not.
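The practical consequence of the keyserver situation above is that release verification has to rest on a pinned fingerprint taken from the project's KEYS file (or the release announcement), not on anything a keyserver returns and not on gpg's "Good signature" line by itself, which gpg prints for any key that happens to be in the keyring. The following is an added example, not code from the original post or from the Daffodil project. It drives `gpg --verify` with `--status-fd`, parses the machine-readable status lines, and accepts the signature only when the signing key's fingerprint (or its primary key's fingerprint, for subkey signatures) matches a pinned value. The fingerprint, key ID and status lines used as sample input are constructed placeholders.

```python
"""Verify a detached OpenPGP signature against a pinned fingerprint.

Added example (not from the mailing-list post). Assumes the release manager's
fingerprint has been pinned from the project's KEYS file; the fingerprints and
status lines below are constructed sample values, not real keys.
"""
import re
import shutil
import subprocess
from dataclasses import dataclass, field
from typing import List, Optional, Set

# Constructed placeholder; pin the real value from the KEYS file out of band.
EXPECTED_FINGERPRINTS = {"0123456789ABCDEF0123456789ABCDEF01234567"}


@dataclass
class VerifyResult:
    good_signature: bool                 # gpg emitted GOODSIG (cryptographically valid)
    fingerprint: Optional[str]           # fingerprint of the key that made the signature
    primary_fingerprint: Optional[str]   # primary key fingerprint (same as above unless a subkey signed)
    trusted: bool                        # valid AND matches a pinned fingerprint
    reasons: List[str] = field(default_factory=list)


def gpg_verify_argv(signature_path: str, artifact_path: str,
                    keyring: Optional[str] = None) -> List[str]:
    """Build the gpg command line. --status-fd 1 sends machine-readable
    status lines to stdout; --batch suppresses prompts. A dedicated keyring
    (e.g. one populated only from the KEYS file) keeps release keys separate
    from whatever else has been imported."""
    argv = ["gpg", "--batch", "--status-fd", "1"]
    if keyring:
        argv += ["--no-default-keyring", "--keyring", keyring]
    argv += ["--verify", signature_path, artifact_path]
    return argv


STATUS_RE = re.compile(r"^\[GNUPG:\] (\S+)(?: (.*))?$")


def parse_status(status_text: str, expected: Set[str]) -> VerifyResult:
    """Decide from gpg status lines whether a signature is acceptable.
    GOODSIG only means some key in the keyring verifies the signature; the
    trust decision is the VALIDSIG fingerprint compared with the pinned set."""
    good = False
    fpr: Optional[str] = None
    primary: Optional[str] = None
    reasons: List[str] = []
    for line in status_text.splitlines():
        m = STATUS_RE.match(line.strip())
        if not m:
            continue
        kw, rest = m.group(1), (m.group(2) or "")
        fields = rest.split()
        if kw == "GOODSIG":
            good = True
        elif kw in ("EXPKEYSIG", "REVKEYSIG"):
            # gpg emits these instead of GOODSIG for expired/revoked keys; refuse them.
            good = False
            reasons.append(f"{kw}: signing key expired or revoked")
        elif kw in ("BADSIG", "ERRSIG", "NO_PUBKEY"):
            reasons.append(f"{kw}: {rest}")
        elif kw == "VALIDSIG":
            # VALIDSIG <fpr> <date> <ts> <expire> <ver> <rsv> <pkalgo> <hash> <class> [<primary-fpr>]
            fpr = fields[0].upper()
            primary = fields[9].upper() if len(fields) >= 10 else fpr
    pinned = {e.replace(" ", "").upper() for e in expected}
    trusted = good and (fpr in pinned or primary in pinned)
    if good and not trusted:
        reasons.append("signature is valid but the signing key is not pinned")
    return VerifyResult(good, fpr, primary, trusted, reasons)


def verify_release(signature_path: str, artifact_path: str,
                   expected: Set[str] = EXPECTED_FINGERPRINTS,
                   keyring: Optional[str] = None) -> VerifyResult:
    """Run gpg on a real artifact (requires gpg on PATH and the KEYS file imported)."""
    if shutil.which("gpg") is None:
        raise RuntimeError("gpg not found on PATH")
    proc = subprocess.run(gpg_verify_argv(signature_path, artifact_path, keyring),
                          capture_output=True, text=True, check=False)
    return parse_status(proc.stdout, expected)


# Constructed sample of gpg --status-fd output: a subkey signature whose primary
# key matches the pinned fingerprint. Every value here is a placeholder.
SAMPLE_STATUS = """\
[GNUPG:] NEWSIG
[GNUPG:] KEY_CONSIDERED 0123456789ABCDEF0123456789ABCDEF01234567 0
[GNUPG:] SIG_ID abc123 2025-01-01 1735689600
[GNUPG:] GOODSIG 0123456789ABCDEF Example Release Manager <rm@example.invalid>
[GNUPG:] VALIDSIG 89ABCDEF0123456789ABCDEF0123456789ABCDEF 2025-01-01 1735689600 0 4 0 1 10 00 0123456789ABCDEF0123456789ABCDEF01234567
[GNUPG:] TRUST_UNDEFINED 0 pgp
"""

if __name__ == "__main__":
    print(parse_status(SAMPLE_STATUS, EXPECTED_FINGERPRINTS))
```

The `TRUST_UNDEFINED` line in the sample is what you get after importing a KEYS file without signing or trusting anything, and it is exactly the case the post describes: with no usable Web of Trust, the fingerprint comparison is the whole check, so the pinned value must come from somewhere other than the keyserver that served the key.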