[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Sks-devel] CNAMEs for sks pool
From: |
Fabian Santiago |
Subject: |
Re: [Sks-devel] CNAMEs for sks pool |
Date: |
Sun, 19 Feb 2017 19:26:24 -0500 |
thanks.
On Sun, Feb 19, 2017 at 6:59 PM, Phil Pennock
<address@hidden> wrote:
> On 2017-02-19 at 16:59 -0500, Fabian Santiago wrote:
>> may i ask, what are all of the CNAMEs for the pool? Thanks.
>
> Nobody knows for sure. There can be arbitrary names.
>
> This is covered in:
> https://bitbucket.org/skskeyserver/sks-keyserver/wiki/Peering
>
> Beware that for port 11371 traffic, you must be able to handle
> requests with any Host: header, for the various pools and CNAMEs which
> exist, and you must accept requests with no User-Agent: header set, as
> at least one major OpenPGP HKP client refuses to set a User-Agent
> field when talking to keyservers.
>
> You don't need to accept unknown names on ports 80/443.
>
> The most _common_ CNAMEs are at:
> https://www.sks-keyservers.net/overview-of-pools.php
> and also "keys.gnupg.net", which points to one of those.
>
> Other people can set up their own CNAMEs; Kristian's service is widely
> used, including by gnupg.net, but not in any way especially privileged.
>
> -Phil