2

Do they offer any benefits at all to the security of key distribution?

unor
  • 1,769
  • 1
  • 19
  • 39
Name
  • 23
  • 2

1 Answers1

7

Public key servers are not meant to bring security; they are meant to make the public keys available. Security is achieved, in the case of PGP, through the Web of Trust: signatures from people on other people's keys. A public key server is simply a repository so that you may more easily find intermediate public keys with signatures between yours and that of the intended recipient.

A public key is not deemed secure because you just downloaded it from a key server; key servers have no idea whether the keys they contain are genuine or not. A public key is deemed correct because you could verify sufficiently many chains of signed keys from your own key to that key. How you obtained the keys is not important; they could have come over some HTTP connection, on USB keys, on magnetic tapes carried by camels through the Australian desert, that does not matter. A public key server is thus just a huge camel.

Without the key servers, each PGP user would have, when he sends a signed email, to send along with it a bunch of other signed keys so that the recipient may validate the signature. This would be cumbersome and does not map well to the WoT structure. With a more centralized PKI, like the prevalent model in X.509, sending "helper certificates" is workable; that's what SSL servers do: when a SSL server sends to a connecting client its certificate, it actually sends a certificate chain.

Tom Leek
  • 170,038
  • 29
  • 342
  • 480
  • 1
    So, the public key servers house keys together with signatures of the keys? – Name Aug 02 '13 at 20:20
  • 2
    The public key, and a signature on it, are both encoded in the same file. A public key server would have very little value if it stored only unsigned public keys, because an unsigned public key cannot be trusted. – Tom Leek Aug 02 '13 at 20:23
  • 1
    Does the file contain signatures by everyone who's ever signed it, or does each signature of a key live in its own file on the server? Must one collect all the signatures of their own public key, or does each key signer upload their signature to the server themself? – Name Aug 03 '13 at 00:27