Re: [Sks-devel] IPv6 and GPG

sks-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Sks-devel] IPv6 and GPG

From:	Phil Pennock
Subject:	Re: [Sks-devel] IPv6 and GPG
Date:	Mon, 9 Mar 2009 14:49:52 -0700

On 2009-03-09 at 09:19 -0400, David Shaw wrote:
> What with the recent discussion of IPv6, I'm curious if anyone has  
> tested GPG against it for key retrieval and submission.  It should  
> "just work" with the curl backend, but when GPG is built on a system  
> without curl, an internal HTTP handler is used instead.  I believe  
> this handler code should work fine as written, but I don't believe the  
> IPv6 piece of it has been tested extensively.  If someone could give  
> it a whirl, I'd appreciate it.  To force the use of the internal HTTP  
> handler even when you do have curl installed, you can build GPG with  
> "configure --without-libcurl".

Yes; using gpg was my test case that I had the HKP port stuff working.
I even mentioned this, but it'll be buried deep in a long post.  The
keyserver is open for public querying, so anyone can test against it.
Demos of gpg with curl working are below.  Yes, it just works.  :)

I don't have time right now to rebuild gpg; I use FreeBSD Ports builds
though and the options files record that I'm using curl (although ldd
doesn't report it (static linkage of that lib?) and an objdump of the
dynamic strings doesn't list anything matching Curl*).  As a feature
suggestion, it would be nice if gpg --version reported the optional
libraries it's linked against (not just libgcrypt).

Another idea is that on a line like:
  gpg: requesting key 0x99242560 from hkp server sks.spodhuis.org
you could follow the hostname with the IP address tried.

  $ gpg --keyserver 'hkp://[2001:980:fff:31::10]' --recv-key $keyid

% gpg --keyserver 'hkp://[2001:980:fff:31::10]' --recv-key 0x99242560
gpg: requesting key 0x99242560 from hkp server [2001:980:fff:31::10]
gpg: key 0x99242560: "David M. Shaw <address@hidden>" 1 new signature
gpg: Total number processed: 1
gpg:         new signatures: 1

% gpg --version
gpg (GnuPG) 1.4.9
[...]

% gpg2 --keyserver 'hkp://[2001:980:fff:31::10]' --recv-key 0x99242560
gpg: WARNING: This version has been built with support for the Camellia cipher.
gpg:          It is for testing only and is NOT for production use!
gpg: requesting key 0x99242560 from hkp server [2001:980:fff:31::10]
gpg: key 0x99242560: "David M. Shaw <address@hidden>" not changed
gpg: Total number processed: 1
gpg:              unchanged: 1

% gpg2 --version
gpg (GnuPG) 2.0.11
libgcrypt 1.4.4
[...]

Regards,
-Phil

PS: IPv6 renumbering within the next month, so if you're reading this
    late and the above IPv6 address fails, look up sks.spodhuis.org and
    grab the IPv6 address from that.

pgpNszEAksyUs.pgp
Description: PGP signature

[Prev in Thread]

Current Thread

[Next in Thread]

[Sks-devel] IPv6 and GPG, David Shaw, 2009/03/09
- Re: [Sks-devel] IPv6 and GPG, Phil Pennock <=
  - Re: [Sks-devel] IPv6 and GPG, David Shaw, 2009/03/10
    - Re: [Sks-devel] IPv6 and GPG, Phil Pennock, 2009/03/10
    - Re: [Sks-devel] IPv6 and GPG, David Shaw, 2009/03/10
- Re: [Sks-devel] IPv6 and GPG, Phil Pennock, 2009/03/11
  - Re: [Sks-devel] IPv6 and GPG, David Shaw, 2009/03/13

Prev by Date: Re: [Sks-devel] [PATCH] IPv6 support
Next by Date: Re: [Sks-devel] details to configure SKS https web interface
Previous by thread: [Sks-devel] IPv6 and GPG
Next by thread: Re: [Sks-devel] IPv6 and GPG
Index(es):
- Date
- Thread