Dirmngr now supports hkps

Kristian Fiskerstrand kristian.fiskerstrand at sumptuouscapital.com
Wed May 7 22:19:33 CEST 2014


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

On 05/07/2014 08:51 PM, Werner Koch wrote:
> On Wed,  7 May 2014 18:17,
> kristian.fiskerstrand at sumptuouscapital.com said:
> 


> 
>> I strongly suggest using the original hostname provided as SNI
>> when performing keyserver lookups, this is also consistent with
>> current
> 
> Okay.  What about a dirmngr options to enable or disable the use of
> the pool name?

As long as the hostname provided by the client is used by default for
(i) HTTP Host: and; (ii) in the context of TLS for SNI (c.f. arguments
similar to those presented in issue1447[0]) I don't have any arguments
against a tunable option to change the behavior.

References:
[0] http://bugs.g10code.com/gnupg/issue1447



- -- 
- ----------------------------
Kristian Fiskerstrand
Blog: http://blog.sumptuouscapital.com
Twitter: @krifisk
- ----------------------------
Public PGP key 0xE3EDFAE3 at hkp://pool.sks-keyservers.net
fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3
- ----------------------------
Prævenire melius est quam præveniri
It is better to precede than to be preceded
-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJTapVVAAoJEPw7F94F4Tagkq4P/RdB/WuL8ZmH88fBzlHuFH5w
T+7VDW507u2j16zDaY9gpQjkl+05HxFLvIw83QXdISqkGvyKp/PlBZdd4lDZtFja
IxgoM9CHH8DhemUi3ws4KhYlMq8gnCOGCVAP13VzmOEZOq6mcb7KU6Meg7I2rBHk
GzHmdw/tZzvdPOiUFrQ77wuDNJrx2rjVkdR96RZNgGQvHyPm/ldvGnsfz3xsmJYK
YU1oa+6YL6rIfnDFGAwsOmdKLR0bszXVrT/LtuZfj3apjKNkYpecmI02avic2uq6
JJ8nOLRHFQp+m76+0ITuoI7oW62VXhuLrvL2D1/Eg8zXK40k0Xss63XhyQeKOVRX
jaMwEt75bJ4zNBpD1cpsrh4gN9bgAFwoAxgcrYDcj4wfMzUytgNmvnSqEdr4eaSS
+++ruyPZGHH+utFZvzLgulwdYoisJ+SAryd2Yf7BiwVfWumGxjEBycka0nxwXa2n
Bc2X37ugzcJvF/mt9xgFT6ce6dKdq4F5HR85xfOZMaO51Rg0e/aDWNspdOkY/3zE
0uhhPpn7mU2tSLVLsQ3M8qAOs3ffVgZug3LCtY59caspYOX8jKjeqCwFEsLIXynl
w6Yf0hugY8xvII2QUBVn2+ePB80+0w2eyyyTpHATAOi9QcC+wjsoEd8zLdXNt1U9
IvI0LwkK1p/9KO34wFXP
=VYYE
-----END PGP SIGNATURE-----



More information about the Gnupg-devel mailing list