searching for keys

Kristian Fiskerstrand kristian.fiskerstrand at sumptuouscapital.com
Sun Jul 14 14:02:35 CEST 2013


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

On 07/14/2013 04:33 AM, Henry Hertz Hobbit wrote:
> On 07/13/2013 09:56 PM, kardan wrote:
>> Hi,
>> 

..

> 
> I question the legitimacy of the first in the first place since it
> doesn't even have a WHOIS record for either sks-keyservers.net or
> hkps.pool.sks-keyservers.net and the browser warns that the 
> certificate may not be legitimate.  Since I worked with lots of 
> malware, this would lead me to believe I was well into the red 
> zone.  The IP addresses are also a little unsetting as well:
> 

...


> 
> But since it is a pool service it is really their baby and you 
> would probably best take it up with them.  I think they would tell
> you that most people would prefer the redirect than going without
> the key that they are searching for.

The pool is configured as a DNS Round Robin[0], so no request is being
handled by the pool itself, and no redirection is happening to other
servers. However, all the servers included in the HKPS pool needs to
be validly certified by the pool CA.

[0] http://en.wikipedia.org/wiki/Round-robin_DNS

- -- 
- ----------------------------
Kristian Fiskerstrand
Twitter: @krifisk
- ----------------------------
Public PGP key 0xE3EDFAE3 at hkp://pool.sks-keyservers.net
fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3
- ----------------------------
Adde parvum parvo magnus acervus erit
Add little to little and there will be a big pile
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.1.0-beta220 (GNU/Linux)

iQIcBAEBCAAGBQJR4pNbAAoJEJjgB+fVz3puiEIP+wR5XHy/UzeX9vrXeN3bYrq2
0yohNqVWgYmpkriy2HtLibgUnSeWY8n762x2mrF7LzKX0w9BvR6bpPn4mmLcaYz9
5Ze4RjnJC1yT+w4YWtJJaSvRBudF1y4ZIuC5FgyhFFX+OWNzpSTHf8fFw0XwjxIo
Xqtge5m6yZIvlGlZtOw8UuyEq+guynmGmYR/1fMFacHA/HAghVU4p4olDElHSDO5
p1wuiLpWb/JWfS1OYN/Nxt4/vQUmDjMFuhutK8ARAmRmT4YLL0WZNNpkvNl1jdCC
dSJdCFNfqCHaAGCp2S7oU+t7hzqZ1lzCpBK1+Wue2TkpE+3Tld6wOQ8uvL9lhG5x
Smvf0+fY9kZbcjhQlCT/zl1PCSZxzXYzCSqt9XoDUhJwcQc5OBwgiJY5LBWn+gGa
k8xnXe3l1hqds3DDjLO5Z4gp5Zafmj1NYmF8Po0rNpEQWcVNvWHwqGszu6ToDeYy
1OuO/jIFATH7Ek/ul+IQ+G4DmN3iuIOmKrcfrJZf/vJoaVVjO2yk3fLfAAoJzgJl
EQm5DDY9sQBUiF7p+kCdwmBH/ePkWFPB0pguCYz2iV6pDDTUPgz+DxjPDFtz7IVg
3ZwWLbhAaPaK5vBq1/PKufYkIAwz4BF9ZeLSzVmRFzqhogeDWcgDnk87uS/sH9sd
kJapNhiMMe/PPojWroMq
=NWBO
-----END PGP SIGNATURE-----



More information about the Gnupg-users mailing list