[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Sks-devel] keys.gnupg.net anomaly
From: |
Christoph Egger |
Subject: |
Re: [Sks-devel] keys.gnupg.net anomaly |
Date: |
Thu, 28 Apr 2016 17:45:11 +0200 |
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/24.5 (gnu/linux) |
Hi!
"Kiss Gabor (Bitman)" <address@hidden> writes:
> I found requests for https://keys.gnupg.net/ in my Apache logs
> on keys.niif.hu. Of course they were unsuccessful because
> my HTTP daemon is not set up to provide this virtual site.
>
> In the DNS we can see this:
> keys.gnupg.net CNAME pool.sks-keyservers.net
>
> Phil Pennock writes on http://sks.spodhuis.org/:
> | End-users should use a pool definition, such as keys.gnupg.net which will
> | alias into an operational pool.
>
> So this seems to be a well known situation but I don't believe
> it would be a wise thing.
> Google is full of complaints about "unreachable" or "non functional"
> keys.gnupg.net. The reason is above.
>
> What do you think, folks?
AFAIR keys.gnupg.net has been discussed here and keyserver oeprators are
expected to make this work -- at least for hkps.
of course -- if people use keys.gnupg.net with https, this advice should
probably be fixed and/or the cname be moved to the "right" pool
Christoph
--
9FED 5C6C E206 B70A 5857 70CA 9655 22B9 D49A E731
Debian Developer | Lisp Hacker | CaCert Assurer