common/t-dns-cert takes a very long time when DNS resolver doesn't answer on TCP

Daniel Kahn Gillmor dkg at
Fri Dec 19 22:32:10 CET 2014

Testing with gnupg 2.1.1 from git:

common/t-dns-cert takes a very long time to complete, and it appears to
be hanging for a few minutes when trying to connect to my local DNS
resolver with a TCP connection, after getting a UDP response from the
local resolver.

the only output is:

CERT lookup on ''

i'm not using adns, fwiw.  (should i be?  is adns a recommended configuration
choice for gnupg?)

Is anyone else seeing this delay in common/t-dns-cert?

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 948 bytes
Desc: not available
URL: </pipermail/attachments/20141219/bac77bb4/attachment.sig>

More information about the Gnupg-devel mailing list