Re: Keyserver refresh period after gpg --send-keys
On Saturday 24 February 2007 00:22:34 John Clizbe wrote: Bruno Costacurta wrote: On Sunday 18 February 2007 23:11:37 Bruno Costacurta wrote: Hello, I updated the expiration (via gpg --edit-key using expire option) of my key and (re)sended it to a keyserver (via gpg --send-keys [my key id]) to keyserver subkeys.pgp.net. However key is still not updated after few hours. What are normal delays ? Bye, Bruno Hello, it seems to works better now but all changes are not reflected. Via 'gpg --list-key' I'm able to modify keys expiration, add / remove uid and delete uneeded signatures. Save and list reflect my changes. However, after export, only new expiration and uid are present, other removed items are still present. How to export all the changes ? You can't delete information from a keyserver that synchronizes with others. That's why new information and changes show up, but your deletions do not. Well...it makes sense. Thanks for your attention and answer. Bye, Bruno ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Keyserver refresh period after gpg --send-keys
On Sunday 18 February 2007 23:11:37 Bruno Costacurta wrote: Hello, I updated the expiration (via gpg --edit-key using expire option) of my key and (re)sended it to a keyserver (via gpg --send-keys [my key id]) to keyserver subkeys.pgp.net. However key is still not updated after few hours. What are normal delays ? Bye, Bruno Hello, it seems to works better now but all changes are not reflected. Via 'gpg --list-key' I'm able to modify keys expiration, add / remove uid and delete uneeded signatures. Save and list reflect my changes. However, after export, only new expiration and uid are present, other removed items are still present. How to export all the changes ? Thanks for attention. Bye, Bruno -- Bruno Costacurta PGP key : http://www.costacurta.org/keys/bruno_costacurta_pgp_key.html Key fingerprint = 713F 7956 9441 7DEF 58ED 1951 7E07 569B 2E60 4D51 -- pgp1jocPpQFde.pgp Description: PGP signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Keyserver refresh period after gpg --send-keys
Bruno Costacurta wrote: On Sunday 18 February 2007 23:11:37 Bruno Costacurta wrote: Hello, I updated the expiration (via gpg --edit-key using expire option) of my key and (re)sended it to a keyserver (via gpg --send-keys [my key id]) to keyserver subkeys.pgp.net. However key is still not updated after few hours. What are normal delays ? Bye, Bruno Hello, it seems to works better now but all changes are not reflected. Via 'gpg --list-key' I'm able to modify keys expiration, add / remove uid and delete uneeded signatures. Save and list reflect my changes. However, after export, only new expiration and uid are present, other removed items are still present. How to export all the changes ? You can't delete information from a keyserver that synchronizes with others. That's why new information and changes show up, but your deletions do not. -- John P. Clizbe Inet: JPClizbe(a)comcast DOT nyet Golden Bear Networks PGP/GPG KeyID: 0x608D2A10 Be who you are and say what you feel because those who mind don't matter and those who matter don't mind. - Dr Seuss, Oh the Places You'll Go signature.asc Description: OpenPGP digital signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Keyserver refresh period after gpg --send-keys
On Monday 19 February 2007 17:51:02 Jason Harris wrote: On Sun, Feb 18, 2007 at 11:31:55PM -0500, David Shaw wrote: On Sun, Feb 18, 2007 at 11:11:37PM +0100, Bruno Costacurta wrote: I updated the expiration (via gpg --edit-key using expire option) of my key and (re)sended it to a keyserver (via gpg --send-keys [my key id]) to keyserver subkeys.pgp.net. However key is still not updated after few hours. What are normal delays ? Keys do get temporarily trapped on the SKS keyserver network until keyserver.kjsl.com copies them over to the rest of the planet. BTW, your subkey isn't currently usable: sub 2048g/0CC897B5 2006-06-11 [subkey] Key fingerprint = CCE0 5315 0022 9460 0337 6C6F 4253 1C9A 0CC8 97B5 sig 0x18 2E604D51 2006-06-11 [skey EXPIRED 2006-12-08] [keybind, hash: type 2, e0 0f] sig 0x18 2E604D51 2006-06-11 [skey EXPIRED 2006-12-08] [keybind, hash: type 2, e0 0f] There is not an easy answer to that question. subkeys.pgp.net is not actually a keyserver, but rather a collection of (at the moment) 5 different keyservers. When you use it, you get one server from the pool in a round-robin fashion. Generally speaking, any given keyserver in the pool that you update reflects the update immediately, but frequently people update one keyserver in the pool, but then check for the update from another server in the pool which hasn't gotten it yet. NB: I think if GPG printed the IP address of the keyserver it used, it could end some of this confusion. Specifically, these were in a batch update from SKS to onak/OpenPKSD/pks/ etc. (all times are TZ=UTC): 2007-02-06 23:02:08.290952260 display_new_sig: new sig 28 by 2E604D51 added to 2E604D51 Bruno Costacurta [EMAIL PROTECTED] 2007-02-06 23:02:08.291023778 display_new_sig: new subkey sig by 2E604D51 added to 2E604D51 these were first seen from pgp.nic.ad.jp: 2007-02-16 13:41:00.597122207 display_new_sig: new sig 1 by 2E604D51 added to 2E604D51 Bruno Costacurta [EMAIL PROTECTED] 2007-02-16 13:41:00.597182829 display_new_sig: new sig 2 by 2E604D51 added to 2E604D51 pubmb02 [EMAIL PROTECTED] and these were in another batch update: 2007-02-18 23:02:27.870255691 display_new_sig: new sig 71 by 2E604D51 added to 2E604D51 Bruno Costacurta [EMAIL PROTECTED] 2007-02-18 23:02:27.870319946 display_new_sig: new sig 72 by 2E604D51 added to 2E604D51 pubmb02 [EMAIL PROTECTED] Well, I still cannot see any refresh of my keys...sent 4 days ago. Should I try again ? Thanks. Bruno ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Keyserver refresh period after gpg --send-keys
On Sun, Feb 18, 2007 at 11:31:55PM -0500, David Shaw wrote: On Sun, Feb 18, 2007 at 11:11:37PM +0100, Bruno Costacurta wrote: I updated the expiration (via gpg --edit-key using expire option) of my key and (re)sended it to a keyserver (via gpg --send-keys [my key id]) to keyserver subkeys.pgp.net. However key is still not updated after few hours. What are normal delays ? Keys do get temporarily trapped on the SKS keyserver network until keyserver.kjsl.com copies them over to the rest of the planet. BTW, your subkey isn't currently usable: sub 2048g/0CC897B5 2006-06-11 [subkey] Key fingerprint = CCE0 5315 0022 9460 0337 6C6F 4253 1C9A 0CC8 97B5 sig 0x18 2E604D51 2006-06-11 [skey EXPIRED 2006-12-08] [keybind, hash: type 2, e0 0f] sig 0x18 2E604D51 2006-06-11 [skey EXPIRED 2006-12-08] [keybind, hash: type 2, e0 0f] There is not an easy answer to that question. subkeys.pgp.net is not actually a keyserver, but rather a collection of (at the moment) 5 different keyservers. When you use it, you get one server from the pool in a round-robin fashion. Generally speaking, any given keyserver in the pool that you update reflects the update immediately, but frequently people update one keyserver in the pool, but then check for the update from another server in the pool which hasn't gotten it yet. NB: I think if GPG printed the IP address of the keyserver it used, it could end some of this confusion. Specifically, these were in a batch update from SKS to onak/OpenPKSD/pks/ etc. (all times are TZ=UTC): 2007-02-06 23:02:08.290952260 display_new_sig: new sig 28 by 2E604D51 added to 2E604D51 Bruno Costacurta [EMAIL PROTECTED] 2007-02-06 23:02:08.291023778 display_new_sig: new subkey sig by 2E604D51 added to 2E604D51 these were first seen from pgp.nic.ad.jp: 2007-02-16 13:41:00.597122207 display_new_sig: new sig 1 by 2E604D51 added to 2E604D51 Bruno Costacurta [EMAIL PROTECTED] 2007-02-16 13:41:00.597182829 display_new_sig: new sig 2 by 2E604D51 added to 2E604D51 pubmb02 [EMAIL PROTECTED] and these were in another batch update: 2007-02-18 23:02:27.870255691 display_new_sig: new sig 71 by 2E604D51 added to 2E604D51 Bruno Costacurta [EMAIL PROTECTED] 2007-02-18 23:02:27.870319946 display_new_sig: new sig 72 by 2E604D51 added to 2E604D51 pubmb02 [EMAIL PROTECTED] -- Jason Harris | NIC: JH329, PGP: This _is_ PGP-signed, isn't it? [EMAIL PROTECTED] _|_ web: http://keyserver.kjsl.com/~jharris/ Got photons? (TM), (C) 2004 pgpFyjN7NndU0.pgp Description: PGP signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Keyserver refresh period after gpg --send-keys
On Mon, Feb 19, 2007 at 11:51:02AM -0500, Jason Harris wrote: There is not an easy answer to that question. subkeys.pgp.net is not actually a keyserver, but rather a collection of (at the moment) 5 different keyservers. When you use it, you get one server from the pool in a round-robin fashion. Generally speaking, any given keyserver in the pool that you update reflects the update immediately, but frequently people update one keyserver in the pool, but then check for the update from another server in the pool which hasn't gotten it yet. NB: I think if GPG printed the IP address of the keyserver it used, it could end some of this confusion. I think you're right (to print as a verbose thing for those who care to know or to help with debugging), but unfortunately there is not an easy way to get the IP address when using libcurl. I'm not particularly eager to start playing socket games with CURLINFO_LASTSOCKET just to get a string to print. David ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Keyserver refresh period after gpg --send-keys
On Sun, Feb 18, 2007 at 11:11:37PM +0100, Bruno Costacurta wrote: Hello, I updated the expiration (via gpg --edit-key using expire option) of my key and (re)sended it to a keyserver (via gpg --send-keys [my key id]) to keyserver subkeys.pgp.net. However key is still not updated after few hours. What are normal delays ? There is not an easy answer to that question. subkeys.pgp.net is not actually a keyserver, but rather a collection of (at the moment) 5 different keyservers. When you use it, you get one server from the pool in a round-robin fashion. Generally speaking, any given keyserver in the pool that you update reflects the update immediately, but frequently people update one keyserver in the pool, but then check for the update from another server in the pool which hasn't gotten it yet. That said, if you don't see an update by tomorrow, I'd send it again. David ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users