searching for keys

[Kristian Fiskerstrand]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

On 07/14/2013 09:46 AM, kardan wrote:
> Hi,

Hi

> 
> Searching for the owner via gpg brings different results without 
> success. I assume the pool is not that well mantained?
> 
> $ gpg --search kf at kfwebs.net gpg: suche nach "kf at kfwebs.net" auf
> hkps-Server pool.sks-keyservers.net gpgkeys: HTTP search error 51: 
> gnutls_handshake() warning: The server name sent was not
> recognized

pool.sks-keyservers.net is only intended to be active on port 11371
(i.e non-SSL/TLS connections). This will almost certainly fail or a
HKPS request (defaulting on port 443). As Pete Stephenson pointed out
in a recent email, the pool setup require the pool CA to be used,
rather than the certificate of individual members as described on [0].
Servers viable for the HKPS pool are flagged as such on [1]. Several
of these depend on SNI, so the hkps.pool.sks-keyservers.net hostname
has to be used together with the provided CA cert.

Also note that there is no requirement or any of the servers to offer
a human-readable web interface, and as such no checking is performed
as to how a possible such page is formed. This is a probably reason
for you reporting getting data back on a non-encrypted channel, if.e.g
you are met with a hard-coded <form action> on such a HTML template.
The pool is configured to work with direct client HKP[2] requests and
I'm not aware of any issues with this.

[0] https://sks-keyservers.net/overview-of-pools.php
[1] https://sks-keyservers.net/status/
[2] http://tools.ietf.org/id/draft-shaw-openpgp-hkp-00.txt

- ----------------------------
Kristian Fiskerstrand
Twitter: @krifisk
- ----------------------------
Public PGP key 0xE3EDFAE3 at hkp://pool.sks-keyservers.net
fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3
- ----------------------------
Adde parvum parvo magnus acervus erit
Add little to little and there will be a big pile
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.1.0-beta220 (GNU/Linux)

iQIcBAEBCAAGBQJR4o1qAAoJEJjgB+fVz3puAt4QAJOzvGol+9SAO/Gg0WL6FlNE
YYnU7f2jdzs5XjR4QoQThpQVapyQCFWV6+DYoCkLvlQAMVi8Kr3UhW7urVZgm6RS
ksV5n36qKWzyptbQ7yVBUArRSh2mJYgXLySndjOnAwne0e1gBgJx1oI0rD3nXtoh
xnMXHH1IRRyrfaO4jmRBA/QxlvhefntzsvMHUihWpoE1snv2sRSPmbkfY4t6drF5
UerK5LrZYq6TF9Av/4QXfHKIqb0KwQZl5xxxvhZ1bHrqkXnGZnTG+ozhAo6XaByi
SiXt1NRiGZeKi8lL1MGQCMJZuD8XBII5ek1SzP2SWOdAZaarDNyQYSijGQVz30BB
vKIJ6MqNDg9UFxXCnOIRsvT2LUR/UJ9ZGELwUSXc8psE2hhcL2YHOG7bQss0GwDr
+va3khtBQwkrKVIZoK8UFEFfOBGgX7LHVLTnLrk7FdKU1pS7yBEtwAeQa21bK3a9
poBt7w3FkgOYXhXb9GoPLuRwAL86OWmOYqsYEauhvT04bvgwSr6fTTQAHYrd3U7e
8ILwhUiG+P6fTm0gFKY9buXsRnIrXxKuFpSZRvjIAs0Su6xCGRNxZoHPshUdH8ER
bDNQrA9F83n597N2Dg+gvvX1usbXJckSiU04+pDDnrsWCWjtKDA5IhSD2VancSsA
ZD4Pr8cVBtGP89oVLZR4
=3Ely
-----END PGP SIGNATURE-----