[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Key server status
|
From: |
Todd Fleisher |
|
Subject: |
Re: Key server status |
|
Date: |
Thu, 7 Mar 2024 10:28:04 -0800 |
That response means what you uploaded was already on the keyserver so it was
ignored. I also see that key fingerprint on the keyserver, so if it wasn’t
available on keyserver.ubuntu.com and your upload was ignored I’m not sure
how/why it would suddenly be showing up @
https://keyserver.ubuntu.com/pks/lookup?search=0x05fa40b23af5025974c3b1a6c62aa8645d00d25b&fingerprint=on&op=index
I went ahead and uploaded a copy of it to my key servers so it will will sync
with the rest of the peered network since we won’t peer with Canonical right
now.
You may also want to update keys.openpgp.org which still has one of your now
expired keys
(https://keys.openpgp.org/vks/v1/by-fingerprint/DF16781A604A4F605F98B301F29BF36844FB7922)
-T
> On Mar 7, 2024, at 10:18, Skip Carter <skip@taygeta.com> wrote:
>
> I just tried uploading to the ubuntu server. 2024-03-07 18::08 GMT
> uploading to the ubuntu server. The response was:
>
> {"inserted":null,"updated":null,"ignored":["rsa4096/05fa40b23af5025974c
> 3b1a6c62aa8645d00d25b"]}
>
> I will check later if it sticks.
>
> (For proper public access I also updated my key at keyserver.pgp.com
>
> On Thu, 2024-03-07 at 09:54 -0800, Todd Fleisher wrote:
>> I would challenge that the ubuntu server is even well maintained for
>> day-to-day issues currently. My PGP key (0x 949D203A) was uploaded
>> directly to their server in the past as well as being available on my
>> nodes which they used to peer with. However, keyserver.ubuntu.com
>> began to intermittently respond with 404 not found errors when
>> searching for it (at least) almost 1 year ago when I began monitoring
>> it on May 1 2023. It remained that way until June 19, 2023 at which
>> point it started responding with 404 not found errors 100% of the
>> time as you can see here:
>> https://i.ibb.co/rcBJXbg/Screen-Shot-2024-03-07-at-09-45-53.png
>>
>> I’d be curious to know if Skip or anyone else has had similar
>> experiences after trying to upload their key directly to canonical’s
>> server and then checking back to see if it is retained & made
>> available to clients that query for it.
>>
>> Not to be totally negative, as Andrew is correct that we may finally
>> be making some progress with direct outreach to a new contact @
>> Canonical whereas even that failed in the past with individuals who
>> were responsible for their keyserver (e.g. handled peering requests
>> and the like). Fingers crossed.
>>
>> -T
>>
>>> On Mar 7, 2024, at 09:15, Andrew Gallagher via SKS development and
>>> deployment list <sks-devel@nongnu.org> wrote:
>>>
>>> On 7 Mar 2024, at 16:47, Skip Carter <skip@taygeta.com> wrote:
>>>>
>>>> I have found that the keyservers are not properly synced:
>>>>
>>>> The MIT server has my key from 2023-03-29
>>>> but the Ubuntu server has only my old expired key 2019-04-10 (4
>>>> years
>>>> out of date!).
>>>
>>> The MIT server is effectively running unmaintained at the moment.
>>> It is a single-threaded sks-keyserver node with severe stability
>>> issues. We have tried engaging with them on several occasions but
>>> there has been no reply. I would not recommend relying upon it.
>>>
>>> The Ubuntu keyserver is well-maintained for day to day issues, but
>>> there is some disconnect internally between their SRE teams and
>>> their support desk. We are making some progress and hope to be back
>>> in sync shortly.
>>>
>>> You can see the current sync state of the graph at
>>> https://spider.pgpkeys.eu/graphs
>>>
>>> A
>>>
>>
>
> --
> Dr Everett (Skip) Carter 0xC62AA8645D00D25B
> skip@taygeta.com
> Taygeta Scientific Inc
> 607 Charles Ave
> Seaside CA 93955
>
> 831-641-0645 x103
>
>
signature.asc
Description: Message signed with OpenPGP