Automatic checking of keyservers

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Using GnuPG, I have tried to verify a number of signatures from this
and other lists, and inevitably I get the message that "public key not
found" unless it was one on my keyring. Given the speed with which I
get that message, I have the feeling it's searching only my keyring,
not any keyservers. I've looked for a way to enable it to check
keyservers automatically for new keys, but haven't found anything. Can
anyone advice me on how to enable this?

- --
Thanks,
Rick
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (MingW32) - GPGshell v3.52

iQIcBAEBCAAGBQJFP5YdAAoJELf6ImSjvaeWLFwP/jXJGdQvcOKbBkVDNmSmhsi+
WdvuGr9Gh0aaUyJHmj4dxGEgzuly2OSGDxsw5f35w3FzQb6W3iNsyxmXiqAYHF4J
TPHvqFb9HnEIUF4vQtzmCs385FShJzdXgqt8C4QDT6YCho8p6mrTNp2jd8Ximhef
YLVqdlLtJuYlRtYrzUen3ZOqPTgZlocLdGoemjFu26CbB4tjKQ274lz7D1B6JZXW
A6k7IKmsh1s9AHaYcoz7P7CdNP5CrgvxI1Ec0ZNSwMBOr1flkfZGPlteHNP8I7KN
4RH7L6tFhYkdcjXP3;8TrfGzCV/yZC7w8/jiyZ+A5bs3u99XUvVSURjviuDz53gdF
UYBWdEjx/KXHB1nGl/fwhkNDg/+7t7EVkZxMIUsiubkZbAM6/nvFcyMrms9F+0n0
NYaPKcksD38R1rO7mNpSUypp9sErZxrfyvv9bFp4Jw2F4D6seGuEVmoI2u/wZnEE
RNVIGoHXFG5c55KRVkQP4rnXJ4t2zLU1G1pqirCUxsRJxTkmDLlF8TSaeDh+aogU
LdpsqydQeAscCKSEQ3XfUvmrQLrRWIiDY2jpYd7qX3ViH84TjCFqszbR+jRVGutp
4PbsuY/5gYFt7HH0RZSeR/w76aVWPQzwoWmmV0eVNGU3lSf0RHKq5llcfcBcLJV9
HaOqheGNAXNuhjW8P0HH
=ogDm
-----END PGP SIGNATURE-----

Messages in this topic (1) Reply (via web post) | Start a new topic

.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160

In reply to Richard H. Stoddard's message sent 2006-10-25 12:51:

> Using GnuPG, I have tried to verify a number of signatures from this
> and other lists, and inevitably I get the message that "public key
> not found"; unless it was one on my keyring. Given the speed with
> which I get that message, I have the feeling it's searching only my
> keyring, not any keyservers. I've looked for a way to enable it to
> check keyservers automatically for new keys, but haven't found
>; anything. Can anyone advice me on how to enable this?

And then there's the problem of which key server to check...

> X-GPGrelay-Status: This mail was signed (Inlined PGP-Message).
> ,-----GnuPG output follows (current time: Wed, Oct 25 2006 - 13:11:53)--
> |
> | gpgkeys: key B7FA2264A3BDA796 not found on keyserver
> | Signature made 10/25/06 12:51:41
> | using RSA key 0xB7FA2264A3BDA796
> | requesting key 0xB7FA2264A3BDA796 from hkp server subkeys.pgp.net
>; | no valid OpenPGP data found.
> | Total number processed: 0
> | Can't check signature: public key not found
>; |
> `----------------------------------------------------------

But, to answer your question... you need --auto-key-retrieve enabled in
your keyserver options for GnuPG. Note how the keyserver entry in my
gpg.conf contains --auto-key-retrieve.

> keyserver hkp://subkeys.pgp.net
> keyserver-options auto-key-retrieve honor-keyserver-url include-revoked include-subkeys honor-pka-record

- --
List Moderator, PGP Encryption Help Team

Mike Daigle http://www.mikedaigle.ca
My PGP Key Send email with subject=pgpkey-request
Gossamer Spider Web of Trust http://www.gswot.org

-----BEGIN PGP SIGNATURE-----
Comment: GSWoT:CA1 Gossamer Spider Web of Trust www.gswot.org
Comment: Mike Daigle Ontario, Canada www.mikedaigle.ca

iEYEAREDAAYFAkU/oDoACgkQTvHh4CsVTmIszACgnuZeVI5Q01cxHD1pwauIYi2/
P+gAnRk3g06tY4VHgCGxhxVqZ/lBwE+r
=jyc6
-----END PGP SIGNATURE-----

Messages in this topic (2) Reply (via web post) | Start a new topic

.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160

In reply to Richard H. Stoddard's message sent 2006-10-25 12:51:

> Using GnuPG, I have tried to verify a number of signatures from this
> and other lists, and inevitably I get the message that "public key
> not found"; unless it was one on my keyring. Given the speed with
> which I get that message, I have the feeling it's searching only my
> keyring, not any keyservers. I've looked for a way to enable it to
> check keyservers automatically for new keys, but haven't found
>; anything. Can anyone advice me on how to enable this?

And then there's the problem of which key server to check...

> X-GPGrelay-Status: This mail was signed (Inlined PGP-Message).
> ,-----GnuPG output follows (current time: Wed, Oct 25 2006 - 13:11:53)--
> |
> | gpgkeys: key B7FA2264A3BDA796 not found on keyserver
> | Signature made 10/25/06 12:51:41
> | using RSA key 0xB7FA2264A3BDA796
> | requesting key 0xB7FA2264A3BDA796 from hkp server subkeys.pgp.net
>; | no valid OpenPGP data found.
> | Total number processed: 0
> | Can't check signature: public key not found
>; |
> `----------------------------------------------------------

But, to answer your question... you need --auto-key-retrieve enabled in
your keyserver options for GnuPG. Note how the keyserver entry in my
gpg.conf contains --auto-key-retrieve.

> keyserver hkp://subkeys.pgp.net
> keyserver-options auto-key-retrieve honor-keyserver-url include-revoked include-subkeys honor-pka-record

- --
List Moderator, PGP Encryption Help Team

Mike Daigle http://www.mikedaigle.ca
My PGP Key Send email with subject=pgpkey-request
Gossamer Spider Web of Trust http://www.gswot.org

-----BEGIN PGP SIGNATURE-----
Comment: GSWoT:CA1 Gossamer Spider Web of Trust www.gswot.org
Comment: Mike Daigle Ontario, Canada www.mikedaigle.ca

iEYEAREDAAYFAkU/oDoACgkQTvHh4CsVTmIszACgnuZeVI5Q01cxHD1pwauIYi2/
P+gAnRk3g06tY4VHgCGxhxVqZ/lBwE+r
=jyc6
-----END PGP SIGNATURE-----

Messages in this topic (2) Reply (via web post) | Start a new topic

.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Richard H. Stoddard wrote:
> Using GnuPG, I have tried to verify a number of signatures from this
> and other lists, and inevitably I get the message that "public key not
> found"; unless it was one on my keyring. Given the speed with which I
> get that message, I have the feeling it's searching only my keyring,
> not any keyservers. I've looked for a way to enable it to check
>; keyservers automatically for new keys, but haven't found anything. Can
> anyone advice me on how to enable this?

Of Course, I couldn't locate /this/ Key on several Keyservers.
Sometimes the Key isn't supplied to the Servers. Where is the Key used
to sign your Post located?

JOHN :-
Timestamp: Wednesday 25 Oct 2006, 16:32 --400 (Eastern Daylight Time)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6-svn4315: (MingW32)
Comment: Public Key at: http://tinyurl.com/8cpho
Comment: Gossamer Spider Web of Trust: http://www.gswot.org
Comment: My Homepage: http://tinyurl.com/yzhbhx
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iQEcBAEBCgAGBQJFP8oAAAoJEBCGy9eAtCsPFE8H/30eIOp5R27ZkSQ2l0PMh+r+
l+k+g/h7F/sxSvu5aJmKVajFo7IIv4OjFWZyBKuuTlIk95UJBX90Yd5sqVHYMDT5
hMy7+PPgxJoY1xmHhjzYopxo2/9MxOMbo5aioKXkhIZb/9qJCvUCotvqvHwvU44v
xy2ZChs025JpZz6OyQoBUVQhvt3SQ8rhusTQO5yi8GvAX8knGFLiCCv36mLcKzcl
N8QEjXBx2owPR9r/IUz2Y1JtqXYOUlBM4QjHzZlCPuM8GnWWbWr3uHyszGui9gjC
kfh4XUbtSLV8t/SHlOWktGYXuay1cMi5YWsBXvSfBKoCzoPgmMLYx3rYDB/3L0Y=
=al0o
-----END PGP SIGNATURE-----

Messages in this topic (3) Reply (via web post) | Start a new topic

.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Michael,

MD> But, to answer your question... you need --auto-key-retrieve enabled
in
MD> your keyserver options for GnuPG. Note how the keyserver entry in my
MD> gpg.conf contains --auto-key-retrieve.

I did insert "keyserver-options auto-key-retrieve", but it still
indicates public keys not found. As for mine, I've uploaded it to
several servers, including subkeys.pgp.net using gpgshell. Yet when I
looked for it myself after just uploading it again it wasn't there; I
resent it using GPA, this time successfully.

- --
Rick

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (MingW32) - GPGshell v3.52

iQIcBAEBCAAGBQJFQAzsAAoJELf6ImSjvaeW9xcQALZEmJufZ429Nw4ALy5APsj3
dWGFVPzL9Te7V3S6y20wGOSCfTXxPLbdbGdfaKf04EMtCpf9t81aQ50ODmcNekk8
pkb/jPdSpWzwfp9zE7N8wEEbEoQ+U1EZgbeH7TehD7mkWuxKhGaI7AH6BHub2t8n
m3w2/FdOwrnug7ZH4WXwTxs0OHaSl9YQxT4VZ8Foqs3keEMqpa6ux5vSeVlFSeri
BXMzi2W+5evMB1Pai+8mYcK9plaYTYHQ4lKBA36lQG4gSliZ3;RaVVqgKgKt6QLkY
28Axi7RWRQ3N1LOyViSZguVvLJDAm7+;J+LAtLsIEu2IZPnsFWEM0Nngt0LlNE+vV
kHf6K03kO6c4fX2TDH26A+EPgUBZ5/gUZYKsuRMCGtCOlfPIndInzhOhmEqJsK/v
4rKJmoXcTIdBljB3RJQmu2QJ7xETHEBjzUgcoke0uIVpzLfxCttMQorPJO00i+hp
32cW4lhDj7NcPxbHWYPAe7fRaGODsZ2B3;Q9l/WFWQMpHBvqgNBldYHxI2H734+wg
Mep2j4zGpL3O4ZcwnDj5YCuQdbgBr8ET1RMKaBe4wKTPMtLVn69eP12347902Yto
8lf/WQy0Y6+0QjpWosAj5r5ZVOmCkXryM9UJ57XAj9Lm3jURI6dIyDgdssUVh9zB
qCZZjIJeI+64Xrxux37V
=ai77
-----END PGP SIGNATURE-----

Messages in this topic (4) Reply (via web post) | Start a new topic

.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

John,

Thursday, October 26, 2006, 1:33:06 AM, you wrote:

JWMI> Of Course, I couldn't locate /this/ Key on several Keyservers.
JWMI> Sometimes the Key isn't supplied to the Servers. Where is the
JWMI> Key used to sign your Post located?

I had uploaded it to several servers using gpgshell, but when I
checked again this morning I saw it wasn't on any of them. I uploaded
it again, but it still didn't work; I just tried using GPA, and it's
now on subkeys.pgp.net. I don't know why it didn't work using
gpgshell.

- --
Rick

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (MingW32) - GPGshell v3.52

iQIcBAEBCAAGBQJFQA55AAoJELf6ImSjvaeWG3kP/1edQ0o4yb3O1Jv6gpXVW8uL
L8TbpZsvcUkGMCAcN79i4jZcAJ/ZOJLexyUQCrWzvrfZB4csi7en3ZjAN+;9Ycc/B
kuY497MMUSpva90cKuZrYfIpKwsvPp0BDdi1VOgoSCnagmQ8nw/53V1YTmVdQ0n7
iZ0Ij1BG1zYI31Nzb3;EEoRrZfc94xAFSutDyIYLcbK/eXwCaoLsxrIlNZKyCXXTS
LuD9a+9i7+G2A++RFeUh+QIUs6mj1+t85EnfK90TCWDYXyuIbkpBxD1fJ0DM+/NN
gXGrrpERG+AjJ7cMslg3jjcv8xoACLeF2WNzvnI/fG7D+Av6bHqnVzGP8VrRDryN
hFzWsGzwbUCuFG0Vq0veqGIXJdzAJK557jEijSI0oh+jBX+oILAWsLkAttUUUCQJ
DrfU4Q6pZ5cuv2pf6P0j052aKxyCuq+pQAD+uwZhzIdtXBwJN/H4YR5o/ghn7met
PCoUftX0hk6jJJOTT0o/QhR8ej2c1EQo1ww8jpIMypoE6Hrm0csN3;PL84j2z+cSg
U8GOn6++Thogj9OMzr1VKVHPKDrIPIImbTVRLJmBXizRce/JM3Owg+4vB+z170ug
tlAjSuu+WQrnawSvTyFC+UvifhnSKmjnYaG5I92xrpdln8Vjg62hZ+UgB/zls+W5
4wcSeDXppBd7YhTP1JyP
=j03c
-----END PGP SIGNATURE-----

Messages in this topic (5) Reply (via web post) | Start a new topic

.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160

In reply to Richard H. Stoddard's message sent 2006-10-25 21:18:

>> But, to answer your question... you need --auto-key-retrieve
>> enabled in your keyserver options for GnuPG. Note how the keyserver
>> entry in my gpg.conf contains --auto-key-retrieve.
>
>; I did insert "keyserver-options auto-key-retrieve", but it still
>; indicates public keys not found. As for mine, I've uploaded it to
> several servers, including subkeys.pgp.net using gpgshell. Yet when I
> looked for it myself after just uploading it again it wasn't there;
> I resent it using GPA, this time successfully.

Do you see confirmation in the DOS box when you submit via GPGshell?

As for your success via GPA, I confirm

> X-GPGrelay-Status: This mail was signed (Inlined PGP-Message).
> ,-----GnuPG output follows (current time: Wed, Oct 25 2006 - 21:33:48)--
> |
> | Signature made 10/25/06 21:25:13
> | using RSA key 0xB7FA2264A3BDA796
> | requesting key 0xB7FA2264A3BDA796 from hkp server subkeys.pgp.net
>; | key 0xB7FA2264A3BDA796: public key "Richard H Stoddard < rstoddard%40voyager.net">rstoddardvoyager.net>&quot; imported
> | Total number processed: 1
> | imported: 1 (RSA: 1)
> | Good signature from "Richard H Stoddard < rstoddard%40voyager.net">rstoddardvoyager.net>&quot;
> | WARNING: This key is not certified with a trusted signature!
> | There is no indication that the signature belongs to the owner.
&gt; | Primary key fingerprint: 9141 E1C7 CAB2 0D62 89CB 098E B7FA 2264 A3BD A796
> |
> `----------------------------------------------------------

- --
List Moderator, PGP Encryption Help Team

Mike Daigle http://www.mikedaigle.ca
My PGP Key Send email with subject=pgpkey-request
Gossamer Spider Web of Trust http://www.gswot.org

-----BEGIN PGP SIGNATURE-----
Comment: GSWoT:CA1 Gossamer Spider Web of Trust www.gswot.org
Comment: Mike Daigle Ontario, Canada www.mikedaigle.ca

iEYEAREDAAYFAkVAFOoACgkQTvHh4CsVTmIkXQCeNVeXpazapprjpmEcx7/EMTF4
DywAnjxU8fLUHWDw81QARnrLGO0hQ8Se
=CBEK
-----END PGP SIGNATURE-----

Messages in this topic (6) Reply (via web post) | Start a new topic

.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Michael,

Thursday, October 26, 2006, 6:52:24 AM, you wrote:

MD> Do you see confirmation in the DOS box when you submit via GPGshell?

No. I submitted it to "all servers&quot;, and it ran through the list but
there was no confirmation; nor was there a confirmation when I did it
server by server. With GPA I did get the confirmation.

I'm still not sure why it won't check for keys automatically, but I
guess that's a problem for this evening.

- --
Thanks,
Rick

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (MingW32) - GPGshell v3.52

iQIcBAEBCAAGBQJFQBg3AAoJELf6ImSjvaeWnUYP/3mJaAzhFSLWdzq2v0nq8r3A
VPxHbKRQZ/CYtMKSKYz1HM86Hbed9lPET25DKpf/jsTNc9wy/aBqp+AF3/a/ogIJ
dMyTrAFu9i8NkO4PX4w8INw4EXOPknhpKJEcaVtcqY4F6NP5YeO/MJKeaffEWibd
gBjMAZZrHxpw33LKItK0h3Y/g/D3cC5klU629ibzSdLZihSkxdHk1LstSLxE318k
4hqaLVb8U7LnkyOD7rUy+PV6wnENF6ovXWivMm09ouXkmtUbiebr/38oB4gfDKwP
K8Aa3H0YJb3u3NM4fUiNUKFDGNkl7luUNeNJ6wxBQHuRScHEzqBtPRPxfzo4S/JD
7DJ7WiVIiPuUVyAcVYhaP8M0cBF8usaYMH0KtnPVVwtlchwhGkQBGKLh7X12x4F3
nwNQycXf8jVxkPzRrKzikfmAKLh0tVS6CmLZJciQexup1jyTDpjS2AXoXhfPSX55
ePqb+AFBnzbq9iJyqalhv3k0B6NprWoE5jYuc5QLpc9hGZxf0mk/SfR85S&#43;AgxYo
ZWBKCdtzf2U7SAGYM0KVrgb1BeTydBu2d18taZG5hg/t6jtMQASqazsmyGgT1BVA
toyJ+;ojUuHPYyZJOI9U/lVn6XaUgCRo4vrEiAa1Co9AHgq9JbtrrKxGjqdl2Zalt
0VicWN2ILcS0DcX5FLaZ
=ykxZ
-----END PGP SIGNATURE-----

Messages in this topic (7) Reply (via web post) | Start a new topic

.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Michael,

Thursday, October 26, 2006, 6:52:24 AM, you wrote:

>>>; But, to answer your question... you need --auto-key-retrieve
>>>; enabled in your keyserver options for GnuPG. Note how the keyserver
>>&gt; entry in my gpg.conf contains --auto-key-retrieve.

It's now checking keyservers automatically. It turns out my mistake
was that there was no default keyserver set. I corrected that this
evening with help from a friend.

- --
Thanks,
Rick
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (MingW32) - GPGshell v3.52

iQIcBAEBCAAGBQJFQO/uAAoJELf6ImSjvaeWIk4P/i8gB231R4zHT/bF/RJPBVYo
3iJVVqZl3tWDMPQdWn/WWLPJFmpWdYsRxoQtaqDl2I4KtpRXgRCvM6XJ9Vnvhfv/
M1pILxVE7zHeM0BDCX6KQqIQVtXChOQKstF18EN/H91ZC/0k5a3/KYh5a9YhGLWA
VZVIBkTcfVUq1c+rh9LjE0NGJjCQ9poVmZ2bEyJt4NSR6oEPfNqeoHF3tSG&#43;gtBq
7TIc4XwQ9DXjm3IvRYTpLBLeCkqoIjpnt1+zIjipBbNGu4SQi6La8GfRVcRoS1A5
3Z710cESPzgSwn2x15cIOUg8PiycIV7Bhavt+My5e7jb+vcXzKvB8NpBq8Fp8XJF
fu1wpBSzObr9uTTF1hJc1gjz6I+T58E95IwzvvSJVh7cc0EmwP8DGhY5QLEe5wSC
8fF2rngA2bMK2QXmAuDKZKbmNMPlSynY7tcoW/gqhmd5EMWfm6Dzjwt5OOje7A0u
nTRlfG2nOCiV9kfHO0BpSSVIOPQibNJAv1lhKZjSOT3fGMIPyp09vyn9ucRUb0Yo
fS0yt0oI6D8cCbrqiX7Z6bOnIf8+qHiW45Ik62G0SnCFuK9ljAmCfvOXNBSRo0aL
GoJ/wSQ9zRzHmbYFQ7HDVkvicr2FgW95fj8Ru+qZmzai6WC/CNCXasV1bKFetnLt
s9YA0nn3e1pStlJQPa0b
=kGNR
-----END PGP SIGNATURE-----

Messages in this topic (8) Reply (via web post) | Start a new topic

.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160

In reply to Richard H. Stoddard's message sent 2006-10-26 13:27:

>>>;> But, to answer your question... you need --auto-key-retrieve
>>>;> enabled in your keyserver options for GnuPG. Note how the
>&gt;>> keyserver entry in my gpg.conf contains --auto-key-retrieve.
>
>; It's now checking keyservers automatically. It turns out my mistake
&gt; was that there was no default keyserver set. I corrected that this
> evening with help from a friend.

No surprise. I composed a follow-up reply to bring your attention to
that. I illustrated the command for you in my sample, but didn't explain
it - hence the follow-up. I guess I shouldn't have chosen not to send
the follow-up...

- --
List Moderator, PGP Encryption Help Team

Mike Daigle http://www.mikedaigle.ca
My PGP Key Send email with subject=pgpkey-request
Gossamer Spider Web of Trust http://www.gswot.org

-----BEGIN PGP SIGNATURE-----
Comment: GSWoT:CA1 Gossamer Spider Web of Trust www.gswot.org
Comment: Mike Daigle Ontario, Canada www.mikedaigle.ca

iEYEAREDAAYFAkVBJPoACgkQTvHh4CsVTmJX1gCfSqDDL86zBbMXGuTspA8m8St3
Rs4Anija6edAIwDEC6Ftf0pVC41i1LR7
=EL3S
-----END PGP SIGNATURE-----

Messages in this topic (9) Reply (via web post) | Start a new topic

.