Debian Public Key Server

This public key server provides simple HKP lookup and add requests for Debian developer and maintainer public keys.

The server may be accessed with gpg by using the --keyserver option in combination with either of the --recv-keys or --send-keys actions.

Please note that this server is meant only for basic key retreive/update operation, and does not implement search functionality. To search for a specific Debian Developer, use the Developer LDAP Search interface.

Only keys in the Debian keyrings (ie those for DDs and DMs) will be returned by this server and only pre-existing keys will be updated, although a copy of all updates will be forwarded to a keyserver network.

To update a key that is already present in the keyring (say, for updating the expiry date, adding identities/subkeys, or uploading more signatures), just send it via HKP (ie with --send-keys under gpg). Note that we will not automatically import any information from the keyserver network.

Updated keys sent via HKP will be folded into the active Debian keyring at least once a month.

To replace an existing key or remove a key from the Debian keyring file an RT request by sending email to keyring@rt.debian.org with the words 'Debian RT' somewhere in the subject line (case doesn't matter, and please remember to include something descriptive as well). Unfortunately RT mangles PGP/MIME so you need to put any signatures inline. If you are replacing a key with an entirely new key (rather than just updating the expiry or subkeys) you should read the rules for key replacement in the Debian keyring. New keys should be larger than 1024 bits and capable of hashes stronger than SHA1; see the GnuPG key creation guide.

Debian keys may also be retrieved by using the form at db.debian.org or:

finger user@db.debian.org

This server also provides the full keyring via anonymous rsync in the 'keyrings' module, e.g.:

rsync -az --progress keyring.debian.org::keyrings/keyrings/ .

Note that updates through this server will not be immediately reflected in the keys returned by those mechanisms.

The Debian keyring is maintained in a Git repository, which can be viewed at:

http://anonscm.debian.org/gitweb/?p=keyring/keyring.git/

See the www.debian.org for more information about the Debian Project.

keyring.debian.org only deals with keys for Debian Developers. Please do not send add requests for your key if you are not an existing DD; the Debian Account Managers will submit the key add request for new developers when they successfully complete the NM process.