Generic question: replication/sync between key servers, how long until published?

classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

Generic question: replication/sync between key servers, how long until published?

GnuPG - User mailing list
Hi all,

published a revocation cert for a very long used old 1024 bit key plus a newly created 4096 bit key to http://keys.gnupg.net/. Visible after some minutes.
Now, four days later, both keys are still not visible on e.g. https://pgp.ocf.berkeley.edu

Is this usually taking that long, or is something broken?

Best Regards,
Michael

_______________________________________________
Gnupg-users mailing list
[hidden email]
http://lists.gnupg.org/mailman/listinfo/gnupg-users
Reply | Threaded
Open this post in threaded view
|

Re: Generic question: replication/sync between key servers, how long until published?

GnuPG - User mailing list
On 19/02/2021 11:06, michaelof--- via Gnupg-users wrote:
> Hi all,
>
> published a revocation cert for a very long used old 1024 bit key plus a newly created 4096 bit key to http://keys.gnupg.net/. Visible after some minutes.
> Now, four days later, both keys are still not visible on e.g. https://pgp.ocf.berkeley.edu
>
> Is this usually taking that long, or is something broken?

keys.gnupg.net doesn't exist (tested from several locations):

```
Host keys.gnupg.net not found: 3(NXDOMAIN)
```

These days, it's probably safest to publish your key to as many
keyservers as you can. If they sync eventually, great. But the sync
process is nowhere near as reliable as it used to be, and probably
shouldn't be depended upon.

--
Andrew Gallagher


_______________________________________________
Gnupg-users mailing list
[hidden email]
http://lists.gnupg.org/mailman/listinfo/gnupg-users

OpenPGP_signature (849 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: Generic question: replication/sync between key servers, how long until published?

GnuPG - User mailing list
Am 19.02.21 um 13:10 schrieb Andrew Gallagher via Gnupg-users:

> On 19/02/2021 11:06, michaelof--- via Gnupg-users wrote:
>> Hi all,
>>
>> published a revocation cert for a very long used old 1024 bit key plus a newly created 4096 bit key to http://keys.gnupg.net/. Visible after some minutes.
>> Now, four days later, both keys are still not visible on e.g. https://pgp.ocf.berkeley.edu
>>
>> Is this usually taking that long, or is something broken?
>
> keys.gnupg.net doesn't exist (tested from several locations):
>
> ```
> Host keys.gnupg.net not found: 3(NXDOMAIN)
> ```
>
> These days, it's probably safest to publish your key to as many keyservers as you can. If they sync eventually, great. But the sync process is nowhere near as reliable as it used to be, and probably shouldn't be depended upon.
>
>

Thanks, Andrew, will follow your suggestion and upload to as many key servers as I'll find :)

No idea why you've got the NXDOMAIN answer for keys.gnupg.net, but it seems that it been offline today, maybe that's why. Now it's online, again, and you are getting DNS feedback:

$ host keys.gnupg.net
keys.gnupg.net is an alias for hkps.pool.sks-keyservers.net.
hkps.pool.sks-keyservers.net has address 209.244.105.201

I've used usually pgp.mit.edu, but it's very slow, currently but for a while now.





_______________________________________________
Gnupg-users mailing list
[hidden email]
http://lists.gnupg.org/mailman/listinfo/gnupg-users