gpg 2.1.15, *no* keyservers found for submit/recv, "DNS query returned an error or no records: No such domain (nxdomain)"
Kristian Fiskerstrand
kristian.fiskerstrand at sumptuouscapital.com
Sat Oct 15 13:00:56 CEST 2016
On 10/15/2016 12:51 PM, Kristian Fiskerstrand wrote:
> On 10/15/2016 03:15 AM, Daniel Kahn Gillmor wrote:
>> On Wed 2016-10-12 18:07:07 -0400, Kristian Fiskerstrand wrote:
>>> Well, seems SRV records are causing more issues than they are
>>> useful. They only ever make sense for the geographical sub-pools in
>>> order to distributed the traffic using weights there, for the rest of
>>> the pools they are a noop since allowing specific ports etc is a bad
>>> idea overall.
>>>
>>> This is further complicated by gnupg 2.1 using _hkp , whereby the
>>> consensus in previous implementation has been _pgpkey-http._tcp. So
>>> where SRV is implementere it is using the original identifier.
>>
>> hm, where was _pgpkey-http._tcp initially documented? /etc/services on
>> my machine has port 11371 registered explicitly as hkp
>>
>
> It is what is used in gnupg prior to 2.1. See e.g (in stable branch)
> commit 2e835fd6ab70b7d85cfc90d11baa1cc4cb61a8ef
> Author: David Shaw <dshaw at jabberwocky.com>
> Date: Wed Jul 8 04:01:13 2009 +0000
>
> * gpgkeys_hkp.c (main, srv_replace): Minor tweaks to use the DNS-SD
> names ("pgpkey-http" and "pgpkey-https") in SRV lookups instead of
> "hkp" and "hkps".
>
>
http://dns-sd.org/ServiceTypes.html also does not list "hkp" (but does
list pgpkey-hkp, which doesn't necessarily make sense since the request
is either http or https transport...)
pgpkey-hkp Horowitz Key Protocol (HKP)
Marc Horowitz <marc at mit.edu>
Protocol description:
http://www.mit.edu/afs/net.mit.edu/project/pks/thesis/paper/thesis.html
Defined TXT keys: None
pgpkey-http PGP Keyserver using HTTP/1.1
Jeroen Massar <jeroen at unfix.org>
Protocol description: RFC 2816
Defined TXT keys: path=<path on the server where the HKP
applications reside>
normally: "path=/pks/"
pgpkey-https PGP Keyserver using HTTPS
Jeroen Massar <jeroen at unfix.org>
Protocol description: RFC 2818
Defined TXT keys: path=<path on the server where the HKP
applications reside>
normally: "path=/pks/"
pgpkey-ldap PGP Keyserver using LDAP
Jeroen Massar <jeroen at unfix.org>
Protocol description: RFC 2251
Defined TXT keys: None
pgpkey-mailto PGP Key submission using SMTP
Jeroen Massar <jeroen at unfix.org>
Protocol description: RFC 2821
Defined TXT keys: user=<user portion of the mail address>
--
----------------------------
Kristian Fiskerstrand
Blog: https://blog.sumptuouscapital.com
Twitter: @krifisk
----------------------------
Public OpenPGP keyblock at hkp://pool.sks-keyservers.net
fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3
----------------------------
Ad astra per aspera
To the stars through thorns
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 455 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20161015/8edbdbc8/attachment-0001.sig>
More information about the Gnupg-devel
mailing list