Frequently Asked Questions

Subject: Introduction

This is a list of Frequently Asked Questions (and answers) for the unmoderated newsgroup It explains the purpose of the newsgroup and how to efficiently distribute public encryption keys using It is a very short FAQ.

This FAQ assumes you have a basic working knowledge of your chosen encryption software. If you need more information about particular software, please try the resources listed at the end of this FAQ.

Subject: Contents of this FAQ.

  1. Introduction
  2. Contents of this FAQ.
  3. What is this newsgroup for?
  4. Why not just use a keyserver?
  5. How do I post my key to
  6. Should I post my key to other newsgroups?
  7. Further information about specific PKE software.

Subject: What is this newsgroup for?

This is the charter from Jonathan S. Haas's original newgroup message, posted 27 February 1993:

For your newsgroups file: Exchange of keys for public key encryption systems

This group is for people who use public key encryption systems such as
PGP or RIPEM to have a place to exchange public keys.

Jonathan's entire control message is archived at

Subject: Why not just use a keyserver?

Although I'm sure many people have many different reasons for using this newsgroup, there are two major ones:

First, there are several public key encryption (PKE) systems (such as InvisiMail, Puffer, RIPEM, Vouch, and Sifr) that do not have keyservers networks. A newsgroup can serve as a de facto keyserver for users of those systems.

Second, even for PKE systems with established keyservers (i.e. OpenPGP), provides "another channel of distribution". Many PGP users attempt to distribute their public keys through as many protocols as possible. Such users often have their keys available in such diverse locations as keyservers (distribution by e-mail and http), in .plan files (distribution by finger), on web pages (distribution by http), and in ftp archives. is another protocol for redundant key distribution, distribution by netnews.

(This FAQ's author has, at various times, distributed his key by finger, by web, by keyserver, by newsgroup, by Fidonet echomail and by CompuServe file library. This FAQ's author is prone to overkill.)

Subject: How do I post my key to

Whatever PKE software you're using must be able to extract your public key to a '7-bit', 'flat ascii', or 'plaintext' file. (Most PKE programs now export keys in text format by default.) Once you've extracted your key, just start an article to, cut-and-paste the keyfile into your article, and post it.

Your subject line should state what software you're posting a key for, and the e-mail address that key is for. I also recommend redirecting followups to e-mail with a "Followup-To: poster" header, because really isn't a discussion group.

You should repost your public key whenever it changes (i.e., you change your e-mail address, add a certification, or revoke the key). Given the ephemeral nature of netnews articles, periodically reposting unchanged keys is acceptable. Users who expect to repost keys often should consider adding "Expires:" and/or "Supersedes:" headers to their posts. The documentation for your newsreading software should explain these headers.

MIME-educated PGP-users (and GPG-users) may want to use "Content-Type: application/pgp-keys" for posting public keys. (This will make it easier for many PGP users to import your key, but it may prevent Google Groups from archiving the post containing the key.) See RFC 3156 at for a description of the PGP media types.

By the way, don't clear-sign the message containing your public key! That just makes it harder for people to add your key to their keyrings (Think about it: How do people verify the signature if they don't yet have the key on their keyring?) and does not verify the integrity of your key.

Subject: Should I post my key to other newsgroups?

If you mean "Should I post my key to other* or* newsgroups?", the answer is a definite "No". Those groups are discussion and/or announcement groups, and public keys don't count, unless they're very important keys (such as keys belonging to a timestamp server or certficate authority).

There are, however, at least 11 other key-distribution newsgroups located in smaller news hierarchies. You might want to crosspost your public keys to one of these newsgroups, or monitor them for new keys:

The newsgroup is part of the internal hierarchy for Demon Internet (an internet service provider in the United Kingdom), but has much wider distribution. Recommended for PKE-users in the UK.

The newsgroups fidonet.pkey_drop and are (defunct?) gated versions of (defunct?) Fidonet echomail channels. You cannot post to these groups from from the netnews side of the gateway.

The newsgroups aktiv-darkness.pgp-keys, city-net.diverses.pgp-keys, domino.pgp.schluessel, hothouse.lokal.pgp-keys, t-netz.pgp.schluessel, public_key, waros.pgp.schluessel, and z-netz.alt.pgp.schluessel, are for distributing PGP keys only, and are part of German-language news hierarchies ("schluessel" means "keys"). Many of these groups are defunct and/or ISP-local groups.

Subject: Further information about software mentioned in this FAQ.

GPG is available at

InvisiMail RPK is apparently out of business but the demo version of InvisiMail Lite is still available at

PGP is available at and

Puffer is available from

RIPEM's source code is available at

Sifr & Vouch are available at Copyright © 1997-2004