41:, where one of the keys is kept private while the other is distributed publicly. Knowledge of the public key does not compromise the security of public key cryptography. An individual holding the public key of a key pair can use that key to carry out cryptographic operations that allow secret communications with strong authentication of the holder of the matching private key. The need to have the public key of a key pair in order to start communication or verify signatures is a bootstrapping problem. Locating keys on the web or writing to the individual asking them to transmit their public keys can be time consuming and unsecure. Key servers act as central repositories to alleviate the need to individually transmit public keys and can act as the root of a
206:
the key. The confirmation can be renewed periodically, to prevent the accumulation of keyserver plaque. The result is a higher quality collection of public keys, and each key has been vetted by email with the key's apparent owner. But as consequence, another problem arise: because PGP Global
Directory allows key account maintenance and verifies only by email, not cryptographically, anybody having access to the email account could for example delete a key and upload a bogus one.
99:, called PGP Keyserver 7. With the release of PGP 6.0, LDAP was the preferred key server interface for Network Associates’ PGP versions. This LDAP and LDAPS key server (which also spoke HKP for backwards compatibility, though the protocol was (arguably correctly) referred to as “HTTP” or “HTTPS”) also formed the basis for the PGP Administration tools for private key servers in corporate settings, along with a
186:
public keys for various reasons, such as when they forget their pass phrase, or if their private key is compromised or lost. In those cases, it was hard to delete a public key from the server, and even if it were deleted, someone else can upload a fresh copy of the same public key to the server. This leads to an accumulation of old fossil public keys that never go away, a form of "keyserver plaque".
56:. Horowitz's keyserver was called the HKP Keyserver after a web-based OpenPGP HTTP Keyserver Protocol (HKP), used to allow people to interact with the keyserver. Users were able to upload, download, and search keys either through HKP on TCP port 11371, or through web pages which ran CGI scripts. Before the creation of the HKP Keyserver, keyservers relied on email processing scripts for interaction.
235:
relies on signatures on an individual's public key to determine the authenticity of that key, potential relationships can be revealed by analyzing the signers of a given key. In this way, models of entire social networks can be developed. (Mike Perry's 2013 criticism of the Web of Trust mentions the issue as already been "discussed at length".)
234:
in personal interactions and relationships. It has been pointed out that allowing a public key to be uploaded in a key server when using decentralized web of trust based cryptographic systems, like PGP, may reveal a good deal of information that an individual may wish to have kept private. Since PGP
185:
The OpenPGP keyservers since their development in 1990s suffered from a few problems. Once a public key has been uploaded, it was purposefully made difficult to remove it as servers auto-synchronize between each other (it was done in order to fight government censorship). Some users stop using their
238:
A number of modern key servers remove third-party signatures from the uploaded key. Doing so removes all personal connections into the Web of Trust, thus preventing any leakage from happening. The main goal, however, was to minimize the storage space required, as "signature spamming" can easily add
205:
Modern keyservers, starting with the PGP Global
Directory, now use the e-mail address for confirmation. This keyserver sent an email confirmation request to the putative key owner, asking that person to confirm that the key in question is theirs. If they confirm it, the PGP Global Directory accepts
24:
The keys distributed by the key server are almost always provided as part of a cryptographically protected public key certificates containing not only the key but also 'entity' information about the owner of the key. The certificate is usually in a standard format, such as the OpenPGP public key
201:
The keyserver also had no way to check to see if the key was legitimate (belong to true owner). As consequence anyone can upload a bogus public key to the keyserver, bearing the name of a person who in fact does not own that key, or even worse, use it as vulnerability: the
Certificate Spamming
122:
The OpenPGP world largely used its own development of keyserver software independent from the PGP Corporation suite. The main software used until the 2019 spamming attack was "SKS" (Synchronizing Key Server), written by Yaron Minsky. The public SKS pool (consisting of many interconnected SKS
193:, which was cited as a reason for the closure of the SKS pool. Modern PGP keyservers allow deletion of keys. Because only the owner of a key's e-mail address can upload a key (see next section) in such servers, the key stays deleted unless the owner decides otherwise.
20:
is a computer that receives and then serves existing cryptographic keys to users or other programs. The users' programs can be running on the same network as the key server or on another networked computer.
545:
172:
systems which maintain key servers for their users; those may be private or public, and only the participating users are likely to be aware of those keyservers at all.
68:
and was used as the software (through version 2.5.x for the server) for the default key server in PGP through version 8.x (for the client software), keyserver.pgp.com.
25:
format, the X.509 certificate format, or the PKCS format. Further, the key is almost always a public key for use with an asymmetric key encryption algorithm.
310:
146:
keys over the
Internet for users of that cryptosystem. In this instance, the computers can be, and mostly are, run by individuals as a
190:
124:
603:
593:
360:
550:
459:
209:
The last
Internet Engineering Task Force draft for HKP also defines a distributed key server network, based on DNS
169:
130:
A number of newer pools using other software has been made available following the shutdown of the SKS pool, see
123:
instances) provided access via HKPS (HKP with TLS) and HTTPS. It finally shut down in 2021 following a number of
264:
474:
437:
629:
104:
34:
335:
114:
PGP Global
Directory of 2011 which allows PGP keys to be published and downloaded using HTTPS or LDAP.
142:
Many publicly accessible key servers, located around the world, are computers which store and provide
410:
381:
Cryptographic system and methodology for creating and managing crypto policy on certificate servers
49:
92:
88:
69:
65:
460:"Abuse-Resistant OpenPGP Keystores [draft-dkg-openpgp-abuse-resistant-keystore-06]"
613:
602:- a non-synchronising, verifying OpenPGP keyserver software package distributed under the
540:
111:
100:
559:
356:
230:
For many individuals, the purpose of using cryptography is to obtain a higher level of
42:
623:
535:
393:
151:
96:
579:
573:
569:
506:
215:
380:
210:
77:
52:
keyserver was written for a thesis by Marc
Horowitz, while he was studying at
599:
64:
A separate key server, known as the PGP Certificate Server, was developed by
592:- a synchronising OpenPGP keyserver software package distributed under the
589:
276:
147:
38:
565:
247:
These are some keyservers that are often used for looking up keys with
231:
143:
554:
488:
162:
73:
158:
441:
315:
256:
37:. In public key cryptography an individual is able to generate a
161:
are available to publish or retrieve certificates used with the
84:
582:- an OpenPGP key server software package distributed under the
292:
583:
189:
The lack of a retraction mechanism also breached the
European
53:
609:
572:- an OpenPGP key server software package distributed under a
286:
271:
80:(United States Patent 6336186) on the key server concept.
298:
281:
576:. It has largely been replaced by SKS and Hockeypuck.
289:(only contains keys from Debian project members)
475:"[tor-talk] Why the Web of Trust Sucks"
110:PGP Keyserver 7 was later replaced by the new
432:
430:
394:"PGP Global Directory - Terms and Conditions"
8:
405:
403:
83:To replace the aging Certificate Server, an
357:"The OpenPGP HTTP Keyserver Protocol (HKP)"
127:that it was unable to process effectively.
560:The OpenPGP HTTP Keyserver Protocol (HKP)
453:
451:
544:) is being considered for deletion. See
458:Gillmor, Daniel Kahn (18 August 2023).
326:
131:
295:(default in GnuPG since version 2.3.2)
33:Key servers play an important role in
311:Lightweight Directory Access Protocol
7:
411:"SKS Keyserver Network Under Attack"
168:There are also multiple proprietary
87:-based key server was redesigned at
462:. Internet Engineering Task Force.
191:General Data Protection Regulation
14:
548:to help reach a consensus. ›
226:Leakage of personal relationships
138:Public versus private keyservers
361:Internet Engineering Task Force
277:keys.mailvelope.com/manage.html
218:, one can ask it by requesting
580:Synchronizing Key Server (SKS)
1:
334:Horowitz, Marc (1996-11-18).
473:Perry, Mike (Sep 29, 2013).
181:Lack of retraction mechanism
157:Several publicly accessible
251:. These can be queried via
646:
355:Shaw, David (March 2003).
150:service, facilitating the
566:OpenPGP Public Key Server
507:"recv-keys documentation"
336:"A PGP Public Key Server"
170:public key infrastructure
132:§ Keyserver examples
105:Netscape Directory Server
546:templates for discussion
176:Problems with keyservers
16:In computer security, a
197:Lack of ownership check
35:public key cryptography
489:"keys.openpgp.org FAQ"
213:: to find the key of
610:PGP Global Directory
293:keyserver.ubuntu.com
239:megabytes to a key.
48:The first web-based
551:List of Key Servers
287:keyring.debian.org
243:Keyserver examples
159:S/MIME key servers
89:Network Associates
70:Network Associates
574:BSD-style license
637:
522:
521:
519:
517:
503:
497:
496:
493:keys.openpgp.org
485:
479:
478:
470:
464:
463:
455:
446:
445:
440:. Archived from
438:"SKS Keyservers"
434:
425:
424:
422:
421:
407:
398:
397:
390:
384:
383:
377:
371:
370:
368:
367:
352:
346:
345:
343:
342:
331:
272:keys.openpgp.org
267:) respectively.
262:
254:
250:
154:model PGP uses.
645:
644:
640:
639:
638:
636:
635:
634:
620:
619:
614:PGP Corporation
549:
530:
525:
515:
513:
505:
504:
500:
487:
486:
482:
472:
471:
467:
457:
456:
449:
436:
435:
428:
419:
417:
409:
408:
401:
392:
391:
387:
379:
378:
374:
365:
363:
354:
353:
349:
340:
338:
333:
332:
328:
324:
307:
260:
252:
249:gpg --recv-keys
248:
245:
228:
222:'s key server.
199:
183:
178:
140:
120:
112:PGP Corporation
76:co-authored by
62:
31:
12:
11:
5:
643:
641:
633:
632:
630:Key management
622:
621:
618:
617:
612:hosted by the
607:
597:
587:
577:
563:
557:
533:
529:
528:External links
526:
524:
523:
498:
480:
465:
447:
444:on 2022-01-19.
426:
399:
385:
372:
347:
325:
323:
320:
319:
318:
313:
306:
303:
302:
301:
296:
290:
284:
279:
274:
244:
241:
227:
224:
198:
195:
182:
179:
177:
174:
165:cryptosystem.
139:
136:
119:
116:
72:was granted a
61:
60:Enterprise PGP
58:
43:chain of trust
30:
27:
13:
10:
9:
6:
4:
3:
2:
642:
631:
628:
627:
625:
615:
611:
608:
605:
601:
598:
595:
591:
588:
585:
581:
578:
575:
571:
567:
564:
561:
558:
556:
552:
547:
543:
542:
537:
532:
531:
527:
512:
508:
502:
499:
494:
490:
484:
481:
476:
469:
466:
461:
454:
452:
448:
443:
439:
433:
431:
427:
416:
412:
406:
404:
400:
395:
389:
386:
382:
376:
373:
362:
358:
351:
348:
337:
330:
327:
321:
317:
314:
312:
309:
308:
304:
300:
297:
294:
291:
288:
285:
283:
280:
278:
275:
273:
270:
269:
268:
266:
258:
242:
240:
236:
233:
225:
223:
221:
217:
216:
212:
207:
203:
196:
194:
192:
187:
180:
175:
173:
171:
166:
164:
160:
155:
153:
149:
145:
137:
135:
133:
128:
126:
117:
115:
113:
108:
106:
102:
98:
94:
90:
86:
81:
79:
75:
71:
67:
59:
57:
55:
51:
46:
44:
40:
36:
28:
26:
22:
19:
562:(March 2003)
539:
514:. Retrieved
510:
501:
492:
483:
468:
442:the original
418:. Retrieved
414:
388:
375:
364:. Retrieved
350:
339:. Retrieved
329:
246:
237:
229:
219:
214:
208:
204:
200:
188:
184:
167:
156:
152:web of trust
141:
129:
121:
109:
97:Len Sassaman
93:Randy Harmon
82:
63:
47:
32:
23:
17:
15:
570:SourceForge
534:‹ The
299:pgp.surf.nl
282:pgp.mit.edu
220:example.com
211:SRV records
91:in part by
590:Hockeypuck
511:GPG Manual
420:2020-09-17
366:2018-05-02
341:2018-05-02
322:References
263:(HKP over
78:Jon Callas
18:key server
66:PGP, Inc.
624:Category
536:template
305:See also
253:https://
202:Attack.
148:pro bono
39:key pair
538:below (
516:30 June
261:hkps://
232:privacy
144:OpenPGP
118:OpenPGP
29:History
600:Hagrid
555:Curlie
541:Curlie
163:S/MIME
101:schema
74:patent
316:GnuPG
259:) or
257:HTTPS
604:AGPL
594:AGPL
518:2020
415:Gist
125:GDPR
103:for
95:and
85:LDAP
584:GPL
568:on
553:at
265:TLS
107:.
54:MIT
50:PGP
626::
509:.
491:.
450:^
429:^
413:.
402:^
359:.
134:.
45:.
616:.
606:.
596:.
586:.
520:.
495:.
477:.
423:.
396:.
369:.
344:.
255:(
Text is available under the Creative Commons Attribution-ShareAlike License. Additional terms may apply.