Dirmngr now supports hkps
Werner Koch
wk at gnupg.org
Mon May 19 10:10:53 CEST 2014
On Thu, 8 May 2014 20:28, gnupg-devel at spodhuis.org said:
> they want to be able to select a CA based on the pool. The current
> design of CA management/selection for keyservers in GnuPG, including the
> new dirmngr support, has to use the pool name in TLS SNI and Host: to
I changed that. If Dirmngr figures that the given keyserver is a pool
(more than one A or AAAA record), it used the canonical name of the pool
for Host and SNI. If it it is not a pool the the name is passed
verbatim to the http layer.
I also added some debug code to print the server certificates on failed.
DNS names are missing in the output but will be added soon.
Salam-Shalom,
Werner
--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
More information about the Gnupg-devel
mailing list