pgp pathfinder and key statistics

PGP pathfinder & key statistics FAQ

from :    to :       

stats :       


If your question isn't answered here, feel free to contact the author, Henk Penning.

frequently asked questions

There are really only a few frequently asked questions, all related to email addresses.

why do you publish my email address ?

This question was asked once or twice a week. I got fed up with it and substituted
  @ → .at.
in every uid.

After the change, the questions stopped ; the spambots didn't.

can you remove my email address from your pages ?

Hmm... You can do it yourself. The uid shown is the uid with the most recent self signature. To hide your email address, add a uid without one, and/or make sure it is selfsigned last.

why not mangle the email addresses ?

The only system that really works is : don't show email addresses. Any other system can (and will) be broken by spambots.
Fighting spambots is a lost battle ; fighting spammers is winnable, and a lot more fun.

why not hide the email addresses entirely ?

I hate spam, but I don't believe in hiding email addresses. My various email addresses appear on countless many web pages. A lot of spam is stopped by our MTA (postfix) ; the rest is filtered out by spamassassin ; I see some 10 spams a day ; they are fed to spamassassin's learn, and I never see them again.

Removing 10 spams a day is all it costs me to get the freedom to publish my email addresses everywhere I like. Small loss, big gain.

infrequently asked questions

where does the data come from ?

Before februari 2012, the data was provided by Jörgen Cederlöf & Patrick Feisthammel. Jörgen Cederlöf runs the web of trust statistics and pathfinder (wotsap) project. Among other things, each day a fresh .wot file was published in an archive. Each wot contains In december 2012, Christoph Egger announced he will provide a fresh wot weekly ; great news!

Starting april 2017 data is extracted weekly from the keyserver.

how fresh is the data ?

Near the bottom of each stats and paths page, you will find the date/time when the data was last refreshed.

why are some signatures missing ?

Sometimes the keyserver where the strong set is extracted is not entirely up-to-date. You can lookup your own key (or any other public key) and submit it again.

The keyserver is talking with other keyservers, exchanging info on inserts/deletes of public keys and signatures.

what's wrong with short (8-digit) key-id's ?


Valid HTML 4.01!
software by Henk P. Penninghomepgp