Where to upload PGP public key? Are KeyServers still surviving?
2020-09: If your GnuPG reports "General error" when retrieving keys, that's because it defaults to the SKS HKPS pool which has completely drained. Configure it to use some other server.
Yes, keyservers still exist:
The SKS Keyserver Pool (stats) is still online, but just barely. Note that although the total pool is at ~20 servers, GnuPG by default uses the HKPS pool which only consists of
four serversas of 2020-09, no servers whatsoever.Some keyservers, such as Ubuntu keyserver, have replaced SKS with more modern and reliable software such as Hockeypuck. They do however still synchronize with the SKS pool.
The old PGP Global Directory is still online, untouched since 2011. It is not part of the SKS pool and doesn't sync with other servers.
New standalone servers are showing up, such as keys.openpgp.org. They are not part of the SKS pool and do not synchronize with each other (at least for now). Note that this particular server requires key owners to opt-in to being published.
People usually use the SKS pool, since it consists of many servers which synchronize their databased continuously. Meanwhile, Global Directory is a single, commercially operated server which may go down at any time; the same goes for the new non-SKS keyservers.
The default keyserver for GnuPG, keys.gnupg.net
, is now an alias to the SKS pool as well.
However, SKS has the problem of accepting anything and storing it forever (much like a blockchain). This has caused problems for a long time, but started getting massively abused in 2018–2019. The new keyservers don't have synchronization partly because they want to figure out how to combine opposing goals.
The popular pgp.mit.edu
has finally upgraded to SKS and is now part of the pool. There also exist a bunch of other keyservers not part of the SKS pool (listed in the same status page).
There are also at least four (4) ways of publishing your PGP key information via DNS, which would be more reliable than the keyserver pool currently is. However, two of those formats are only compatible with old GnuPG versions <2.1.3 and the other two are only compatible with new versions ≥2.1.3. Since all of them are tedious to setup, are treated as a toy feature by GnuPG and not supported at all by other PGP tools, I wouldn't recommend using DNS for this purpose.
As of mid-Sept 2019 three months following launch keys.openpgp.org news has this to say:
It is now used by default in GPGTools, Enigmail, OpenKeychain, GPGSync, Debian, NixOS, and others.
The adoption rates are impressive. According to the news quoted keys.openpgp.org
saw in increase from about 2000 to 70K verified email address in a 3 months span just this year year.
If new keyservers are seeing the kind of reception we've seen with keys.openpgp.org
it would be hard to say not only are keyservers surviving, they're growing in popularity.
I was facing the same issue today and found that neither keyserver.pgp.com/
nor sks-keyservers.net/
would reply timely to me.
However, I found that keyserver.ubuntu.com
worked.