On 10/17/2016 11:41 AM, Daniel Kahn Gillmor wrote: > On Mon 2016-10-17 06:31:16 -0400, Martin T wrote: > >> I am aware that one can update all the keys in local-keyring from a >> keyserver using "gpg --refresh-keys". Are there any disadvantages to >> simply put this command into user crontab and execute for example once >> a day? > The only disadvantages are if you don't want to reveal the contents of > your keyring to the public keyservers, or to announce your presence on > the network. > > If you prefer to do these things in an anonymized way, you might prefer > a tool like parcimonie,
I run a key server, which allows me to do as many key-retrieval queries as I like, without giving any information away to the rest of the world. It also helps a little, but not completely, with the problem of adding keys to the keyserver network, with respect to my social network. In particular, it's not easy for any keyserver to see which of its peers' peers a given key or set of keys, originated from. However, in theory, an attacker could track the progress of a given key across the network of keyservers by quick querying, but it's a pretty small window between the introduction of keys to a single member of the pool, and it being shared to all the keyservers.
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
