GnuPG 2.1.0: --refresh-keys regression
Luis Ressel
aranea at aixah.de
Tue Nov 11 23:49:20 CET 2014
Hello,
One of the changes introduced with GnuPG 2.1 -- namely, using dirmngr
for key retrieval -- has caused some problems for me. First of all, I'm
not able to use gpg --refresh-keys anymore, as dirmngr requests all of
the keys from the keyserver at once, instead of one-by-one as GnuPG 2.0
did.
For keyrings with more than approx. 70 keys, the keyserver
(sks-keyservers.net) denies the request, thereby causing the error
gpg: keyserver refresh failed: Too many objects
and failure to receive any key updates.
I assume keymngr should handle this in a better way (or is it wrong for
the keyservers to deny such requests?)
dirmngr also seems to have problems with hkps certificate checking for
keyserver addresses with round-robin DNS, but I need to examine this
further before I can provide details.
Regards,
Luis Ressel
--
Luis Ressel <aranea at aixah.de>
GPG fpr: F08D 2AF6 655E 25DE 52BC E53D 08F5 7F90 3029 B5BD
More information about the Gnupg-users
mailing list