-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Kurt Fitzner wrote: > This isn't GnuPG-related really, but recently downloaded my own public > key from a keyserver and found on it about a billion of those silly PGP > global directory signatures on it. Either someone has been downloading > my key from PGP a whole bunch and then submitting it to keyservers, or > the mainstream keyservers are syncing with PGP's global directory. > > I'm wondering if this is a widespread problem. Have other people > noticed this with their keys? > > I am now very sorry I went throught that email process with PGP. I'm > actually hoping this is a widespread problem so that keyserver operators > will start deleting those stupid signatures. If not, I am stuck with my > key having a billion useless signatures on it. > > I'm so glad there is GnuPG with no corporate agenda!!! > Thanks Werner et al.
gpg --edit-key <keyID> clean And setting the clean-sigs and clean-uids options on import-options, export-options, and keyserver-options are our only defense until then. Like you, I refreshed from a SKS server and found 120 new sigs on my key, ALL PGP Universal Keyserver. Over on PGP-Basics, someone asked what was the purpose of the 'clean' command in GnuPG. A good friend of mine replied, "It undoes the damage caused by the PGP Universal key server." Like you, I regret ever submitting my key to that nightmare. I ignored all the renewal emails. I can't say if the PGP signatures were always the problem, but importing my full keyring to clean it in the process reduced a 750 key ring from ~8MB to ~6MB, just under 1/3 (32%) reduction. Maybe --clean-keys could be added as a command to GnuPG, like --check-sigs. Perhaps autocleaning keys is something the SKS keyserver folks will introduce. They seem to have the only active development taking place. And I second the thanks to Werner, David, Timo, and the rest of the GnuPG development community. - -- John P. Clizbe PGP/GPG KeyID: 0x608D2A10 "Be who you are and say what you feel because those who mind don't matter and those who matter don't mind." - Dr Seuss, "Oh the Places You'll Go" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.3-cvs-2005-09-04 (Windows 2000 SP4) Comment: When cryptography is outlawed, b25seSBvdXRsYXdzIHdpbGwgdXNlIG Comment: Be part of the £33t ECHELON -- Use Strong Encryption. Comment: It's YOUR right - for the time being. Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFDHeG0HQSsSmCNKhARAqyJAKD1xF5/xYoV2m2CSqC3BQ1t2mX6jwCeNxc/ bgXl+nXUPBTIuAk0+rGJQ6k= =DTUD -----END PGP SIGNATURE----- _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
