sks.spodhuis.org

This is sks.spodhuis.org, a mostly private keyserver.
This service may be withdrawn at any time and without notice to end-users. (Peers will be notified).
For administrative questions, contact any of the non-revoked email addresses in my PGP key. (Use verbose index to see which are revoked.) Or use keyserver as the left-hand-side, in the domain spodhuis.org.
Note that this host peers as sks-peer.spodhuis.org and SKS peering requests are often accepted.
For more information on PGP, try starting at: Mr Dibowitz's PGP pages.
For more information on SKS keyservers, see www.sks-keyservers.net which maintains current status listings and a map of the keyserver connectivity. Meanwhile SKS is nongnu GPL software. The code site is hosted on Google Code and the wiki there does not yet contain much, but does include a guide to setting up peering, written by me.
Keys sign other keys, building up a “web of trust” based on chains of signatures. If you group the keys together based on existence of paths between them, to make multiple islands of keys, then the largest such island is the Strong Set. Henk Penning has a page with more formal definitions and various statistics. If your key is in the Strong Set, then you can use tools which find the paths between two keys to find the keys you might need to reach another key in the Strong Set, if you decide to trust those intermediates.
-Phil 0x3903637F

Query

Index choice
Index options
Search

Add

Paste your key here to upload.

Info

This keyserver peers as sks-peer.spodhuis.org
Stats Peers IPs-current (stats) .dot graphviz source
@SKS-Keyservers | Metadata collections: SKS-Keyservers

Pool

The main HKP pool which you should configure your keyserver software to use is ha.pool.sks-keyservers.net, or perhaps pool.sks-keyservers.net. Folks will understand and expect that choice. (Also na.pool.sks-keyservers.net or eu.pool.sks-keyservers.net).
Separately, as an experimental service which I do not expect folks to use, I run my own pool definition. I give it an obnoxiously long name specifically to discourage its use. This is keys.sks.pool.globnix.net (plus also keys.ipv4.sks.pool.globnix.net & keys.ipv6.sks.pool.globnix.net).
This keyserver pool was, to my knowledge, the first to use statistics to find reasonable means for inclusion independent of the count of keys on any given server. Although Kristian beat me to a geocoded pool, even though I was first to have geocoding of IPs collected in the spider server. A little competition is healthy.
At time of writing, my operational pool filters the included servers (after key count elimination based on all reasonable servers) to those running at least version 1.1.2 of SKS, by pulling the URL: http://sks.spodhuis.org/sks-peers/ip-valid?minimum_version=1.1.2.
In addition, as a feature copied from sks-keyservers.net, I have keys.ha.sks.pool.globnix.net (plus also keys.ipv4.ha.sks.pool.globnix.net & keys.ipv6.ha.sks.pool.globnix.net). My variant defines ha as "we did get a Server: header, and it wasn't sks_www".
Similarly, with the same three variations in hostname, depending upon content of the mesh there may be entries for: None of these currently have the proxy-in-front constraint; some do have the minimum version constraint. If no servers meet the selection criteria, then the entries will not exist in DNS (NXDOMAIN, rather than NOERROR).