-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 FYI, certserver.pgp.com, keys.pgp.com, keyserver.pgp.com, pgpkeys.mit.edu, and keys.nai.com are all the same server (208.228.228.80), listening on port 11371 (HTTP) and 389 (LDAP) and 689 (LDAPS). If one doesn't work, the rest of the above probably won't either. The server I tend to use in cases when keyserver.pgp.com is not functioning properly is horowitz.surfnet.nl:11371. It also listens to LDAP on 11370 and LDAPS on 11369. pgp.ai.mit.edu is BAL's server, home of the original PGP keyserver. It isn't as zippy as the other two, but has a decent uptime ratio. It only listens on 11371, and you can't do the advanced LDAP queries that you can do with the other servers. www.keyserver.net has a cool web interface for searching for keys, but it sometimes takes a little work to find a server that is up and responding in a timely fashion. This network group uses Highware's OpenKeyserver. There is no LDAP support. I don't use pgp.net, so I can't comment one way or another on that group of servers. I believe they are mainly using the older pksd software by Marc Horowitz. Theoretically, all the servers syncronize with each other and there is no difference in the data contained on them. However, the server that tends to have the most up to date data is keyserver.pgp.com. Second to that is horowitz.surfnet.nl. If you want more info on the keyserver network, you should check out the keyserver mailing list. There is subscription info at http://www.highware.com/main-oks.html (it's the list hosted at flame.org). - --Len.
-----Original Message----- From: Valdis.Kletnieks@vt.edu [SMTP:Valdis.Kletnieks@vt.edu] Sent: Monday, June 26, 2000 1:25 PM To: Randy Bush Cc: nanog@nanog.org Subject: Re: public key service
On Mon, 26 Jun 2000 11:25:43 PDT, Randy Bush <randy@psg.com> said:
pgp public key service is becoming critical infrastructure.
unfortunately,
i have been unable to get useful key lookup for a long time. i have been trying <http://pgpkeys.mit.edu/> at jeff schiller's recommendation, and <http://bs.mit.edu:8001/pks-toplev.html> which used to work once upon a time. neither work for me.
EXMH 2.1.2 and later shipped with http://keys.pgp.com:11371/pks/lookup as the URL to check by default. I would have put www.pgp.net as the server, but of the 5 servers I checked, 2 were net-unreachable and one tossed a 404. -- Valdis Kletnieks Operating Systems Analyst Virginia Tech
__ L. Sassaman System Administrator | "Everything looks bad Technology Consultant | if you remember it." icq.. 10735603 | pgp.. finger://ns.quickie.net/rabbi | --Homer Simpson -----BEGIN PGP SIGNATURE----- Comment: OpenPGP Encrypted Email Preferred. iD8DBQE5V8UKPYrxsgmsCmoRAu9gAKC2JKN6b1B+y2bsN813XJaFqP6UpwCdFrHb 7Fp3uDw+VgVdoSuiUwTQyww= =dDMM -----END PGP SIGNATURE-----