Public Key Servers
========
8. Public Key Servers
========
8.1. What are the Public Key Servers?
Public Key Servers exist for the purpose of making your public key
available in a common database where everybody can have access to it
for the purpose of encrypting messages to you. While a number of key
servers exist, it is only necessary to send your key to one of them.
The key server will take care of the job of sending your key to all
other known servers.
Very recently, the number of keys reported on the key servers passed
10,000.
========
8.2. What public key servers are available?
The following is a list of all of the known public key servers active
as of the publication date of this FAQ. Any changes to this list
should be posted to alt.security.pgp and a copy forwarded to me for
inclusion in future releases of the alt.security.pgp FAQ.
Sites accessible via mail:
pgp-public-keys@pgp.mit.edu
Derek Atkins
pgp-public-keys@pgp.iastate.edu
Michael Graff
pgp-public-keys@burn.ucsd.edu
Andy Howard
pgp-public-keys@fbihh.informatik.uni-hamburg.de
Vesselin V. Bontchev
public-key-server@martigny.ai.mit.edu
Brian A. LaMacchia
pgp-public-keys@pgp.ox.ac.uk
Paul Leyland
pgp-public-keys@dsi.unimi.it
David Vincenzetti
pgp-public-keys@kub.nl
Teun Nijssen
pgp-public-keys@ext221.sra.co.jp
Hironobu Suzuki
pgp-public-keys@sw.oz.au
Jeremy Fitzhardinge
pgp-public-keys@kiae.su
pgp-public-keys@srce.hr
Cedomir Igaly
pgp-public-keys@pgp.pipex.net
Mark Turner
pgp-public-keys@goliat.upc.es
Alvar Vinacua
pgp-public-keys@gondolin.org
Sites accessible via WWW:
http://martigny.ai.mit.edu/~bal/pks-toplev.html
http://ibd.ar.com/PublicKeys.html
Key server keyrings accessible via FTP:
ftp://pgp.iastate.edu/pub/pgp/public-keys.pgp
ftp://pgp.mit.edu/pub/keys/public-keys.pgp
ftp://burn.ucsd.edu/Crypto/public-keys.pgp
ftp://alex.sp.cs.cmu.edu/links/security/pubring.pgp
ftp://ftp.informatik.uni-hamburg.de/pub/virus/misc/pubkring.pgp
ftp://ftp.dsi.unimi.it/pub/security/crypt/PGP/public-keys.pgp
ftp://jpunix.com/pub/PGP/
The following key servers are no longer in operation:
pgp-public-keys@phil.utmb.edu
pgp-public-keys@proxima.alt.za
pgp-public-keys@demon.co.uk
In addition to the "traditional" keyservers, there is a commercial key
registry in operation at four11.com. Four11 Directory Services is set
up primarily as a directory service to assist in searching for people
or groups. Members of the service may have their key certified by
Four11 and placed on their server; a key signature from Four11
indicates that you have met their signing requirements. At the time
of this writing, they offer "SLED Silver Signatures", which require
identification of the key holder through one of the following:
- a mailed or faxed driver's license
- a mailed or faxed copy of a passport
- payment for services with a preprinted personal check which cleared
Send mail to info@four11.com or connect to http://www.four11.com/ for
more information on SLED/Four11 or to search their server. You can
request keys from their key server by sending E-mail to key@four11.com
or by fingering @publickey.com. Their current
certification keys may be retrieved by sending mail to
key-pgp-silver@sled.com or by looking up "SLED" on the other
keyservers.
===============
8.3. What is the syntax of the key server commands?
The key server expects to see one of the following commands placed in
the subject field. Note that only the ADD command uses the body of the
message.
- -------------------------------------------------------------
ADD Your PGP public key (key to add is body of msg) (-ka)
INDEX List all PGP keys the server knows about (-kv)
VERBOSE INDEX List all PGP keys, verbose format (-kvv)
GET Get the whole public key ring (-kxa *)
GET Get just that one key (-kxa )
MGET Get all keys which match
LAST Get all keys uploaded during last days
- -------------------------------------------------------------
If you wish to get the entire key ring and have access to FTP, it
would be a lot more efficient to use FTP rather than e-mail. Using
e-mail, the entire key ring can generate a many part message, which
you will have to reconstruct into a single file before adding it to
your key ring.