Questions about OpenPGP best practices
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Tue Feb 26 09:14:13 CET 2013
On 02/25/2013 11:52 PM, Niels Laukens wrote:
> I find *.sks-keyservers.net unusable (unfortunately).
>
> More often than not, I get this:
> gpgkeys: HTTP fetch error 7: couldn't connect: End of file
>
> tcpdump shows me that the server just closes the connection without an
> answer.
> It does work from time to time, so when doing a manual --recv-key, I
> usually get the key within a few tries. But when using e.g. caff (which
> does not retry), it's unusable.
please report this to the sks-devel list, where Kristian has been
supporting these pools. I think he would appreciate hearing about the
problems you're describing:
SKS development list <sks-devel at nongnu.org>
If you could set "keyserver-options debug" in ~/.gnupg/gpg.conf that
might provide you with more detailed output as well.
> And while pgp.mit.edu might not be the best keyserver, it works... (from
> my experience at least).
If your definition of "works" includes staying well-synced with the
strong set, pgp.mit.edu does not have a great record of working.
Keyservers need to stay up-to-date to be useful.
Regards,
--dkg
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 1027 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20130226/4632766e/attachment.pgp>
More information about the Gnupg-users
mailing list