> Okay, then... All the keyservers have the key. But keys.openpgp.org > doesn't let it get imported because the owner didn't consent to making > his email address publicly known by verifying his email address. > > Which means that the owner doesn't care much about this, otherwise he > would not publish the key to the other servers.
Either that, or they don't know about it, or the key was published by someone else since there are no checks on the other servers. There are currently ~250k verified addresses, typically it depends on the user's client software (e.g. GPGTools for macOS has great support for keys.o.o verification, GPG4win has none). > Also, how do I as an owner... apply for verification? > > gpg --export your_addr...@example.net | curl -T - https://keys.openpgp.org > > And then follow the instructions at the outputted URL? Yep, that is one way. > Will it invalidate my key (previous version of the key)? Only one key can be verified for any email address at one time, so it's possible to replace keys for an email address, or remove them. As long as it's the same key, all updates to that key will be merged as usual. Cheers - V _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
