Where to upload PGP public key? Are KeyServers still surviving?

92

31

I want to upload my PGP public key to a public server. While PGP was still an independent company I heard a lot about keyservers, but now that Symantec has acquired PGP, what is the future of these servers?

Is there any other alternative way to keep my public keys online?

RPK

Posted 2011-01-01T19:05:25.870

Reputation: 2 293

Answers

90

Yes, keyservers still exist:

  • Both the SKS Keyserver Pool (stats) and PGP Global Directory are still online. (Note that the PGP Global Directory is not part of the pool.)

  • Some pool keyservers, such as Ubuntu keyserver, have replaced SKS with more modern and reliable software such as Hockeypuck. They do however still synchronize with the pool.

  • New standalone servers are showing up, such as keys.openpgp.org. They are not part of the SKS pool and do not synchronize with each other (at least for now).

People usually use the SKS pool, since it consists of many servers which synchronize their databases continuously. Meanwhile, the Global Directory is a single, commercially operated server which may go down at any time; the same goes for the new non-SKS keyservers.

However, SKS has the problem of accepting anything and storing it forever (much like a blockchain). This has caused problems for a long time, but started getting massively abused in 2018–2019. The new keyservers don't have synchronization partly because they want to figure out how to combine opposing goals.


The popular pgp.mit.edu has finally upgraded to SKS and is now part of the pool. There also exist a bunch of other keyservers not part of the SKS pool (listed in the same status page). The default keyserver for GnuPG, keys.gnupg.net, is now an alias to the SKS pool as well.

Another widely known server, subkeys.pgp.net, is not part of the SKS pool since (AFAIK) it still runs a very old version of PKS instead. (It also seems to be down, although the website is up.)


If your email address is at a domain name you manage (i.e. can have arbitrary DNS records created), it is also possible to publish your PGP key using DNS. The easiest method for that is PKA, which only requires the ability to create TXT records; see the article on publishing PGP Keys in the DNS.

PKA, as well as two other methods (CERT and IPGP CERT), are described in this guide in much more detail.

One downside of all three methods is that GnuPG must be manually configured to use them, and PGP.com doesn't even support using DNS. Meanwhile, practically all versions of PGP and GnuPG can use keyservers.

Note: GnuPG 2.1.3 has completely changed the PKA format (into a mix of CERT and old PKA).

Given that GnuPG did this in a minor release without any worry about backwards compatibility with the old format (in fact, the old format used to outright crash 2.1.x for a while afterwards), I'm no longer comfortable suggesting pubkey publication in DNS. It's a waste of time. Use keyservers.

user1686

Posted 2011-01-01T19:05:25.870

Reputation: 283 655

When I publish a key (which contains private+public), does it also publish the private one??? It must not... – Royi Namir – 2012-12-23T11:33:07.207

@RoyiNamir: No. First, the gpg and PGP programs only send the public part of your key. Second, the keyservers themselves remove all private data before publishing received keys. – user1686 – 2012-12-23T14:11:25.353

Do you know if the original filename is stored in the PGP file? (For example, John encrypts 1.txt and sends it to me as 1.pgp... can I know, when decrypting, what the original filename was?) – Royi Namir – 2012-12-23T14:32:48.727

@RoyiNamir: http://superuser.com/questions/ask and yes, it is. (Except when it's not.) – user1686 – 2012-12-23T18:05:08.523

I asked. I'll be glad to hear your answer. http://superuser.com/questions/523631/pgp-gnupg-what-was-the-original-file – Royi Namir – 2012-12-24T08:14:06.990

1

@grawity I don't use PGP Global Directory anymore due to many of the links moving back to Symantec, and WHOIS information doesn't return any results, which worries me very much. Also the SSL security for PGP Global Directory is pretty bad as well. – meguroyama – 2014-03-13T07:00:35.757

2

@meguroyama PGP uses its own "web of trust" for verifying keys, so SSL support in keyservers is only useful for privacy reasons (to hide what keys you retrieve). Many SKS keyservers still lack SSL completely, and while they're slowly adding it, it's not a security problem. – user1686 – 2014-03-15T09:23:46.730

1

As for the WHOIS information – you don't know who runs most SKS keyservers either; and this too doesn't matter. – user1686 – 2014-03-15T09:25:10.610

@grawity OK, well, if that is the case then I suppose it isn't too much of a problem. – meguroyama – 2014-03-18T22:42:42.670

1

@meguroyama: Right – the only problem is that the Global Directory is isolated; it does not exchange keys with anything else. On the other hand, all SKS keyservers sync to each other; if one goes down, two dozen others continue working. – user1686 – 2014-03-19T11:30:01.823
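The answer above and the comment exchange under it both turn on one point: whatever you hand a keyserver, it should contain only public material. The following is an added example, not code from the original answer or from GnuPG, that parses an OpenPGP packet stream (RFC 4880 packet headers, ASCII armor and its CRC24) and refuses to publish anything containing Secret-Key (tag 5) or Secret-Subkey (tag 7) packets. The key material embedded below is constructed dummy data: the packet bodies are placeholders, because only the headers matter for this check.

```python
"""Added example (not from the original Q&A): inspect an OpenPGP packet stream
(RFC 4880) before sending it to a keyserver and confirm it holds only public
material. All key material in this file is constructed dummy data."""
import base64

SECRET_TAGS = {5: "Secret-Key", 7: "Secret-Subkey"}
TAG_NAMES = {2: "Signature", 5: "Secret-Key", 6: "Public-Key",
             7: "Secret-Subkey", 13: "User ID", 14: "Public-Subkey"}


def crc24(data: bytes) -> int:
    """Armor checksum from RFC 4880 section 6.1."""
    crc = 0xB704CE
    for b in data:
        crc ^= b << 16
        for _ in range(8):
            crc <<= 1
            if crc & 0x1000000:
                crc ^= 0x1864CFB
    return crc & 0xFFFFFF


def encode_packet(tag: int, body: bytes, old_format: bool = False) -> bytes:
    """Build one packet with a new-format header (RFC 4880 section 4.2.2) or,
    as GnuPG still does for key and user-ID packets, an old-format header."""
    n = len(body)
    if old_format:
        ltype, size = (0, 1) if n < 256 else (1, 2) if n < 65536 else (2, 4)
        return bytes([0x80 | (tag << 2) | ltype]) + n.to_bytes(size, "big") + body
    if n < 192:
        ln = bytes([n])
    elif n < 8384:
        ln = bytes([((n - 192) >> 8) + 192, (n - 192) & 0xFF])
    else:
        ln = b"\xff" + n.to_bytes(4, "big")
    return bytes([0xC0 | tag]) + ln + body


def iter_packets(data: bytes):
    """Yield (tag, body) for each packet. Partial and indeterminate lengths are
    rejected; an exported key never needs them."""
    pos = 0
    while pos < len(data):
        ctb = data[pos]
        if not ctb & 0x80:
            raise ValueError(f"bad packet header at offset {pos}")
        if ctb & 0x40:                                  # new-format header
            tag, first = ctb & 0x3F, data[pos + 1]
            if first < 192:
                length, hlen = first, 2
            elif first < 224:
                length, hlen = ((first - 192) << 8) + data[pos + 2] + 192, 3
            elif first == 255:
                length, hlen = int.from_bytes(data[pos + 2:pos + 6], "big"), 6
            else:
                raise ValueError("partial body lengths not supported")
        else:                                           # old-format header
            tag, ltype = (ctb >> 2) & 0x0F, ctb & 0x03
            if ltype == 3:
                raise ValueError("indeterminate length not supported")
            hlen = 1 + (1 << ltype)
            length = int.from_bytes(data[pos + 1:pos + hlen], "big")
        body = data[pos + hlen:pos + hlen + length]
        if len(body) != length:
            raise ValueError("truncated packet")
        yield tag, body
        pos += hlen + length


def armor(data: bytes, kind: str = "PUBLIC KEY BLOCK") -> str:
    b64 = base64.b64encode(data).decode()
    lines = [b64[i:i + 64] for i in range(0, len(b64), 64)]
    crc = base64.b64encode(crc24(data).to_bytes(3, "big")).decode()
    return "\n".join([f"-----BEGIN PGP {kind}-----", ""] + lines
                     + ["=" + crc, f"-----END PGP {kind}-----", ""])


def dearmor(text: str) -> bytes:
    """Strip ASCII armor and verify its CRC24 line."""
    lines = text.strip().splitlines()
    if not lines[0].startswith("-----BEGIN PGP "):
        raise ValueError("not an armored block")
    i = 1
    while lines[i].strip():                             # skip Version:/Comment: headers
        i += 1
    body, crc = [], None
    for line in lines[i + 1:]:
        if line.startswith("-----END"):
            break
        if line.startswith("="):
            crc = int.from_bytes(base64.b64decode(line[1:]), "big")
        else:
            body.append(line)
    data = base64.b64decode("".join(body))
    if crc is not None and crc != crc24(data):
        raise ValueError("armor CRC24 mismatch")
    return data


def check_for_upload(data: bytes) -> dict:
    """Return packet counts per type; raise if any secret-key packet is present."""
    counts = {}
    for tag, _ in iter_packets(data):
        name = TAG_NAMES.get(tag, f"tag {tag}")
        counts[name] = counts.get(name, 0) + 1
    leaked = [n for n in counts if n in SECRET_TAGS.values()]
    if leaked:
        raise ValueError(f"refusing to publish: found {', '.join(leaked)} packets")
    return counts


def is_publishable(data: bytes) -> bool:
    try:
        check_for_upload(data)
        return True
    except ValueError:
        return False


# Constructed sample: the packet layout of a typical exported public key.
PUBLIC_KEY = b"".join([
    encode_packet(6, b"\x04" + b"\x00" * 60, old_format=True),       # primary key
    encode_packet(13, b"Alice Example <alice@example.org>", old_format=True),
    encode_packet(2, b"\x04\x13" + b"\x00" * 300),                    # self-signature
    encode_packet(14, b"\x04" + b"\x00" * 60, old_format=True),      # encryption subkey
    encode_packet(2, b"\x04\x18" + b"\x00" * 300),                    # subkey binding sig
])
# The same key with a secret subkey accidentally included.
LEAKED_KEY = PUBLIC_KEY + encode_packet(7, b"\x04" + b"\x00" * 100, old_format=True)

if __name__ == "__main__":
    print(check_for_upload(dearmor(armor(PUBLIC_KEY))))
    print(is_publishable(LEAKED_KEY))
```

Run it against a real export (`gpg --armor --export <keyid>`) by passing the text through `dearmor` and `check_for_upload`; a secret export (`--export-secret-keys`) is rejected by the same check.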

3

I was facing the same issue today and found that neither keyserver.pgp.com nor sks-keyservers.net would reply to me in a timely manner.

However, I found that keyserver.ubuntu.com worked.

Murch

Posted 2011-01-01T19:05:25.870

Reputation: 133

1

You should use the high-availability subset of the pool: ha.pool.sks-keyservers.net -- adding more keyservers can decrease the reliability because less reliable servers get queried. – Otto Allmendinger – 2019-04-01T12:42:53.583

2

As of mid-September 2019, three months after its launch, the keys.openpgp.org news page has this to say:

It is now used by default in GPGTools, Enigmail, OpenKeychain, GPGSync, Debian, NixOS, and others.

The adoption rates are impressive. According to the news quoted, keys.openpgp.org saw an increase from about 2,000 to 70K verified email addresses in a three-month span this year.

If new keyservers are seeing the kind of reception we've seen with keys.openpgp.org, it would be hard to deny that not only are keyservers surviving, they're growing in popularity.

Josh Habdas

Posted 2011-01-01T19:05:25.870

Reputation: 121

1

UPDATE: in 2017 you might want to consider using Keybase, the Social Approach to Public Key Verification.

"Keybase is a free, open source security app. It's also a public directory of people.

The Keybase app helps you perform cryptographically-secure operations with people you know on the Internet: chatting, file sharing, even publishing public documents."

Gaia

Posted 2011-01-01T19:05:25.870

Reputation: 4 549

11

But Keybase doesn't abide by the public keyserver system at all, and in fact, requires users to store their private keys on their system. It's like proprietary gpg, which one should not trust, imho! – hopeseekr – 2018-02-03T21:40:28.583

But your private keys should be on your own system. Only the public key goes to the net. – Gaia – 2018-02-03T23:50:32.127

2

It's a known won't-fix issue... https://github.com/keybase/keybase-issues/issues/160 – hopeseekr – 2018-02-09T16:26:22.487

6

It's not labeled won't-fix, and sending the PK to Keybase is an optional feature. See https://github.com/keybase/keybase-issues/issues/160#issuecomment-37070418 and https://github.com/keybase/keybase-issues/issues/160#issuecomment-343015634 – Gaia – 2018-02-09T21:12:17.193

2

Furthermore, https://blog.filippo.io/on-keybase-dot-io-and-encrypted-private-key-sharing/ – Gaia – 2018-02-09T21:13:47.147

1

@Gaia https://github.com/keybase/keybase-issues/issues/160#issuecomment-209709935 – jordanbtucker – 2018-02-21T23:54:03.523

The beauty of Keybase is that people don't need the web of trust / key signing parties to reasonably confirm somebody's key. I may have never met you, but if I know, say, your GitHub and Facebook identities, and you posted Keybase proofs on these, I can verify that the public key really belongs to someone controlling those two accounts. – Beni Cherniavsky-Paskin – 2019-09-26T22:03:11.507