keys.gnupg.net is blocked by Palo Alto Wildfire

Kristian Fiskerstrand kristian.fiskerstrand at sumptuouscapital.com
Fri Aug 10 11:10:54 CEST 2018


On 08/10/2018 02:20 AM, Tim Perkins wrote:
> I did observe that at least one of the pool members seems to not be
> configured properly (if I do a ‘curl -k -H 'Host:
> http-keys.gnupg.net' https://37.191.226.104’ it displays a busted
> Matomo page).

This is actually my server, but why would it respond to such a host on
port 80? it responds to keys.gnupg.net on 11371 (default HKP port) as it
should. Fut for HKPS/HTTPS there aren't any expectations for
certificates for the SNI etc, hkps.pool.sks-keyservers.net is used for
that by default.

-- 
----------------------------
Kristian Fiskerstrand
Blog: https://blog.sumptuouscapital.com
Twitter: @krifisk
----------------------------
Public OpenPGP keyblock at hkp://pool.sks-keyservers.net
fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3
----------------------------
Audaces fortuna iuvat
Fortune favors the brave

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20180810/9231db0f/attachment-0001.sig>


More information about the Gnupg-users mailing list