Version 1.5

The comp.security.pgp FAQ


8. Public Key Servers


8.1 What are the Public Key Servers?

Public key servers make your public key available in a common database that anyone can query in order to encrypt messages to you. Anyone who wants to write you a message, or to check a signature on a message from you, can get your key from the key server without having to ask you for it.

While a number of key servers exist, you only need to send your key to one of them. That key server will forward your key to all other known servers.

8.2 What public key servers are available?

There is now a clean interface to key servers. The pgp.net domain was founded for this purpose, and offers an easy and fast way to obtain people's public keys.

You can access the key server by e-mail, by sending mail to pgp-public-keys@keys.pgp.net with the command (see 8.3 below) in the Subject line of your message. This message will be sent to one of the key servers at random, which ensures that an individual server will not be overloaded.

If you have WWW access, you can also use the WWW interface at http://www.uk.pgp.net/pgpnet/pks-commands.html.

FOUR11 no longer certifies keys. Version 1.3 of the FAQ incorrectly claimed that pobox.com certified keys, but Pobox customer service says they don't.

8.3 What is the syntax for the key server commands?

The key server expects to see one of the following commands placed in the subject field. Note that only the ADD command uses the body of the message.

    ADD           Your PGP public key (key to add is body of msg) (-ka)
    INDEX         List all PGP keys the server knows about (-kv)
    VERBOSE INDEX List all PGP keys, verbose format (-kvv)
    GET           Get the whole public key ring (-kxa *), in multiple messages
    GET <userid>  Get just that one key (-kxa <userid>)
    LAST <n>      Get all keys uploaded during last <n> days

Note that instead of a user ID, you can also use a key ID. In this case, you should put "0x" in front of it. By using a key ID rather than a user ID, name or e-mail address, you ensure that you get exactly the key you want. Please see question 4.5 for more information on how to use key IDs.

If you wish to get the entire key ring and have access to FTP, it is much more efficient to use FTP than e-mail. Download an entire keyring from ftp://ftp.pgp.net/pub/pgp/keys/README.html
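The subject-line commands in 8.3, as an added example that is not part of the original FAQ or of any key server software: a Python function that builds the request e-mail and rejects malformed commands before anything is sent. The function name, the sample sender address and the rule that a key ID is 8 or 16 hex digits after "0x" are assumptions made for this example.

```python
import re
from email.message import EmailMessage

KEYSERVER = "pgp-public-keys@keys.pgp.net"   # address from section 8.2
NO_ARG = {"INDEX", "VERBOSE INDEX"}          # commands that stand alone
ARMOR = "-----BEGIN PGP PUBLIC KEY BLOCK-----"
# Assumption: a key ID is 8 or 16 hex digits after the "0x" prefix.
KEY_ID = re.compile(r"0x(?:[0-9A-Fa-f]{8}|[0-9A-Fa-f]{16})\Z")


def build_request(sender, command, arg="", key_block=""):
    """Return the e-mail for one key server command (section 8.3)."""
    command = " ".join(command.upper().split())
    arg = arg.strip()
    if command == "ADD":
        # ADD is the only command that reads the message body.
        if arg or not key_block.lstrip().startswith(ARMOR):
            raise ValueError("ADD takes an armored public key as the body")
    elif key_block:
        raise ValueError("only ADD uses the message body")
    elif command in NO_ARG:
        if arg:
            raise ValueError(f"{command} takes no argument")
    elif command == "LAST":
        if not re.fullmatch(r"[1-9][0-9]*", arg):
            raise ValueError("LAST needs a number of days")
    elif command == "GET":
        # A "0x" argument must be a well-formed key ID; anything else
        # is passed through as a user ID (empty means the whole ring).
        if arg.lower().startswith("0x") and not KEY_ID.match(arg):
            raise ValueError(f"malformed key ID: {arg!r}")
    else:
        raise ValueError(f"unknown command: {command!r}")

    msg = EmailMessage()
    msg["From"] = sender
    msg["To"] = KEYSERVER
    msg["Subject"] = f"{command} {arg}".strip()
    msg.set_content(key_block)
    return msg


if __name__ == "__main__":
    # Constructed sample values, not a real address or key ID.
    print(build_request("alice@example.org", "GET", "0x1234ABCD"))
```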



Copyright © 1996 by Arnoud Engelfriet.
Last updated: 22 Oct 1998.
Comments, additions and suggestions can be sent to <faq-admin@mail.pgp.net>.
This FAQ was generated by Orb v1.3 for OS/2.