sks-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: hkps.pool.sks-keyservers.net DNS failing to resolve

From: David Moes
Subject: Re: hkps.pool.sks-keyservers.net DNS failing to resolve
Date: Wed, 15 Jan 2020 02:17:30 +0100 
Hi Todd,

For HPKS you must be added by Kristian to his self signed cert, without
this you don't get listed as HPKS-capable node.

David.

Am 15.01.2020 um 02:05 schrieb Todd Fleisher:
> Hi David,
> Good catch, that would explain it. I suspect Kristian’s script that
> checks the potential HKPS nodes in order to update the DNS record is
> failing and/or not running. I have confirmed my HKPS-capable nodes/pool
> respond to queries & key uploads, but I’m not sure what criteria he is
> checking on his end. FWIW, I do see recent “pings” from his IP address
> against nodes/pool as well (UTC timestamps):
> 
>     Jan 14 23:34:40 sks05 sks[17211]: 2020-01-14 23:34:40 Error handling
>     request (POST,/pks/add,[
>     Jan 14 23:34:40 sks05 sks[17211]: accept:*/*
>     Jan 14 23:34:40 sks05 sks[17211]: connection:close
>     Jan 14 23:34:40 sks05 sks[17211]: content-length:82
>     Jan 14 23:34:40 sks05 sks[17211]:
>     content-type:application/x-www-form-urlencoded
>     Jan 14 23:34:40 sks05 sks[17211]: host:sks_servers
>     Jan 14 23:34:40 sks05 sks[17211]: x-forwarded-for:37.191.231.105,
>     10.x.x.x]): Failure("Error while decoding ascii-armored key: text
>     terminated before beginning of ascii block”)
> 
> 
> -T
> 
>> On Jan 14, 2020, at 4:47 PM, David Moes <address@hidden
>> <mailto:address@hidden>> wrote:
>>
>> Hi Todd,
>>
>> This is probably because there is no server in the pool at the moment
>> that has HKPS.
>>
>> Check the status: https://sks-keyservers.net/status/ - (HKPS RED)
>>
>> Kind regards,
>>
>> David.
>>
>> Am 15.01.2020 um 00:25 schrieb Todd Fleisher:
>>> Hi Kristian,
>>> Starting @ 01-14-2020 20:45:18 UTC it seems DNS is failing to resolve
>>> successfully, with the public resolvers & NS-GLOBAL.KJSL.COM
>>> <http://NS-GLOBAL.KJSL.COM>
>>> <http://NS-GLOBAL.KJSL.COM> returning NXDOMAIN & the remaining
>>> authoritative servers for the returning REFUSED.
>>>
>>> Results can be seen here: https://pastebin.com/raw/JweLJyYL
>>>
>>> -T
>>>
>>
>> -- 
>> David Moes
>> Public OpenPGP 0xFBDD7EAAEDD53063 key at hkp://pgp.mit.edu
>> fpr: 550C D308 CC0D 1CE1 79D4  EAA0 233D B73F 31B9 7723
>> ----------------------------
>> “Logic will get you from A to Z; imagination will get you everywhere.”
>>
>> ― Albert Einstein
>> <0xFBDD7EAAEDD53063.asc>
> 

-- 
David Moes
Public OpenPGP 0xFBDD7EAAEDD53063 key at hkp://pgp.mit.edu
fpr: 550C D308 CC0D 1CE1 79D4  EAA0 233D B73F 31B9 7723
----------------------------
“Logic will get you from A to Z; imagination will get you everywhere.”

― Albert Einstein

Attachment: 0xFBDD7EAAEDD53063.asc
Description: application/pgp-keys

Attachment: signature.asc
Description: OpenPGP digital signature

reply via email to
[Prev in Thread] Current Thread [Next in Thread]