@micahflee This guide may be useful to some of your followers who fetched updates to their keyring after your key was flooded with 84,366 bogus signatures last month

The guide is really good! Compiles a lot of useful stuff from various sources.

Micah once had his key available through Web Key Directory. Expired keys that are retrieved through WKD are automatically refreshed using WKD avoiding keyservers altogether (

Enigmail 2.0.12 released a week ago changes the default keyserver to so if the extension was updated before refreshing a flooded key it should be OK. Source:

@wiktor Thanks for the feedback :) I updated the article to note the changes to enigmail v2.0.12

No problem. I wasn’t impacted by the issue but I’ve seen a lot of people with the problem so I’ll know where to point them :)

If you check out quite a lot OpenPGP clients already default to it. Too bad third-party signatures are not supported by design.

Other news: GnuPG 2.2.17 that contains several “enhancements” related to this SKS issue breaks some workflows:

Sign in to participate in the conversation

Server run by the main developers of the project 🐘 It is not focused on any particular niche interest - everyone is welcome as long as you follow our code of conduct!