If we want to avoid the need for manual recovery in case a profile update makes it to the keyserver but the reply does not make it back, the client should retry the update until it gets a definitive response. Not doing this can cause the affected client to sign messages using the previous PGP key while its contacts see the results of an update whose reply got list (and thus they reject the signatures).
adon-at-work
commented
8 years ago
If we want to avoid the need for manual recovery in case a profile update makes it to the keyserver but the reply does not make it back, the client should retry the update until it gets a definitive response. Not doing this can cause the affected client to sign messages using the previous PGP key while its contacts see the results of an update whose reply got list (and thus they reject the signatures).