Re: [Sks-devel] Keyservers and GDPR

sks-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Sks-devel] Keyservers and GDPR

From:	Werner Koch
Subject:	Re: [Sks-devel] Keyservers and GDPR
Date:	Wed, 29 May 2019 08:56:10 +0200
User-agent:	Gnus/5.13 (Gnus v5.13)

On Sun, 26 May 2019 22:39, address@hidden said:

> With the various problems of SKS today, I tentatively suggest that not
> defaulting to the HKPS pool and choosing a different target for the
> keys.gnupg.net CNAME might be beneficial.

FWIW, keys.gnupg.net is since gnupg 2.2.7 not a CNAME name but aliased
by dirmngr in this way:

  hkps://keys.gnupg.net       -> hkps://hkps.pool.sks-keyservers.net
  https://keys.gnupg.net      -> https://hkps.pool.sks-keyservers.net
  hkp://keys.gnupg.net        -> hkp://hkps.pool.sks-keyservers.net
  http://keys.gnupg.net       -> http://hkps.pool.sks-keyservers.net
  hkps://http-keys.gnupg.net  -> hkps://ha.pool.sks-keyservers.net
  https://http-keys.gnupg.net -> https://ha.pool.sks-keyservers.net
  hkp://http-keys.gnupg.net   -> hkp://ha.pool.sks-keyservers.net
  http://http-keys.gnupg.net  -> http://ha.pool.sks-keyservers.net

  keys.gnupg.net              -> hkps://hkps.pool.sks-keyservers.net
  http-keys.gnupg.net         -> hkps://ha.pool.sks-keyservers.net

this was needed to void problems with server name matching.  Thus we
can't change that easily.  Anyway, it is suggested tha the default
keyserver is used which is  hkps://hkps.pool.sks-keyservers.net  To
change this the keyserver option in dirmngr.conf needs to be used.

> suspect that >> subset.pool.sks-keyservers.net << is likely to be the
> best choice for GnuPG; the meaning of "subset" changes over time,

I am pretty sure that changing to this as the default will raise a lot
of concerns from the folks who want to elimiated the use of the string
"http://";.



Shalom-Salam,

   Werner

-- 
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.

signature.asc
Description: PGP signature

[Prev in Thread]

Current Thread

[Next in Thread]

Re: [Sks-devel] Keyservers and GDPR, ilf, 2019/05/13
- Re: [Sks-devel] Keyservers and GDPR, Tobias Frei, 2019/05/13
  - Re: [Sks-devel] Keyservers and GDPR, Georg Faerber, 2019/05/13
- Re: [Sks-devel] Keyservers and GDPR, ilf, 2019/05/25
  - Re: [Sks-devel] Keyservers and GDPR, Werner Koch, 2019/05/26
    - Re: [Sks-devel] Keyservers and GDPR, Phil Pennock, 2019/05/26
    - Re: [Sks-devel] Keyservers and GDPR, Kristian Fiskerstrand, 2019/05/27
    - Re: [Sks-devel] Keyservers and GDPR, Werner Koch, 2019/05/29
    - Re: [Sks-devel] Keyservers and GDPR, Andrew Gallagher, 2019/05/29
    - Re: [Sks-devel] Keyservers and GDPR, Dirk-Willem van Gulik, 2019/05/29
    - Re: [Sks-devel] Keyservers and GDPR, Werner Koch <=
- Re: [Sks-devel] Keyservers and GDPR, Tobias Mueller, 2019/05/27
  - Re: [Sks-devel] Keyservers and GDPR, ilf, 2019/05/27
    - Re: [Sks-devel] Keyservers and GDPR, deloptes, 2019/05/27
    - Re: [Sks-devel] Keyservers and GDPR, Andrew Gallagher, 2019/05/27
    - Re: [Sks-devel] Keyservers and GDPR, Jim Popovitch, 2019/05/27
    - Re: [Sks-devel] Keyservers and GDPR, Andrew Gallagher, 2019/05/27

Prev by Date: [Sks-devel] peering request for keyserver.taygeta.com
Next by Date: Re: [Sks-devel] Keyservers and GDPR
Previous by thread: Re: [Sks-devel] Keyservers and GDPR
Next by thread: Re: [Sks-devel] Keyservers and GDPR
Index(es):
- Date
- Thread