recieving/updating Public Keys from SKS keyserver to pubring.gpg

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

recieving/updating Public Keys from SKS keyserver to pubring.gpg

santh12345

Hi,


i configured gnupg 2.0.15 on RHEL4 to encrytp e-mail messages. Then i installed SKS 1.1.1-2 on the same mechine. 


now i am able to generate keys #gpg --gen-keys

and export/sent them to SKS     #gpg --keyserver hkp://localhost --send-key KEYID

and also recieve them through  #gpg --keyserver hkp://localhost --recv-key KEYID


and i configured each users e-mail client (EVOLUTION) using their KEYIDes. When a user receives an encrypted mail from his peer ... he is able to read the mail only after receiving the KEY of sender to his pubring.gpg . But the problem here is each user has to receive KEYs of all the other one after another....which i dont think is the correct way.


??????? is there any way of receiving all the Public-keys that are available with the local SKS keyserver ???????


if it is ??


how to update users pubring.gpg periodically or  when ever a new KEY is received by the KEYSERVER?


Please help me.. Thanking you


P K Thandra 





_______________________________________________
Sks-devel mailing list
[hidden email]
http://lists.nongnu.org/mailman/listinfo/sks-devel
Reply | Threaded
Open this post in threaded view
|

Re: recieving/updating Public Keys from SKS keyserver to pubring.gpg

Kim Minh Kaplan
Prasanth Thandra writes:

> Hi,
>
>
> i configured gnupg 2.0.15 on RHEL4 to encrytp e-mail messages. Then i installed
> SKS 1.1.1-2 on the same mechine. 
>
>
> now i am able to generate keys #gpg --gen-keys
>
> and export/sent them to SKS     #gpg --keyserver hkp://localhost --send-key
> KEYID
>
> and also recieve them through  #gpg --keyserver hkp://localhost --recv-key
> KEYID
>
>
> and i configured each users e-mail client (EVOLUTION) using their KEYIDes. When
> a user receives an encrypted mail from his peer ... he is able to read the mail
> only after receiving the KEY of sender to his pubring.gpg . But the problem
> here is each user has to receive KEYs of all the other one after
> another....which i dont think is the correct way.

You can setup GPG so that it automatically fetches unknown keys.
Checkout the documentation for "--keyserver-options auto-key-retrieve".

> ??????? is there any way of receiving all the Public-keys that are available
> with the local SKS keyserver ???????

Not readily: SKS is designed with a huge (currently several GB) database
of keys in mind so the export of all the keys is still an administrative
task that requires access to the database files.  See the "sks dump"
command.

> if it is ??
>
>
> how to update users pubring.gpg periodically or  when ever a new KEY is
> received by the KEYSERVER?
>
>
> Please help me.. Thanking you

Reading your mail it seems you are trying to use PGP in a way it was not
designed for: you are trying to enforce a centralized or hierarchical
trust model while PGP's model is a web of trust where each individual
chooses what key to trust.  Have you looked at X.509 certificates, they
may better serve your purpose.
--
Kim Minh

_______________________________________________
Sks-devel mailing list
[hidden email]
http://lists.nongnu.org/mailman/listinfo/sks-devel