Local solutions: SKS Keyserver Network Under Attack [edited]
siemons at cleanfuels.nl
Tue Jul 2 11:21:24 CEST 2019
GNUPG Users Digest is nearly flooding my mailbox with exchanges about
the WoT and keyserver issues.
A simple user (me) needs to know how one could make adaptations in the
settings of GPA or Kleopatra. I would expect instructions here:
or perhaps here:
*There are not.*
Hansen's and DKG's blog are only partly helpful. For example my Linux
system seems to *not* have a ~/.gnupg/dirmngr.conf file at all (one of
those files recommended for editing). I.e. Nautilus cannot find it.
So, I did adapt gpg.conf by outcommenting (#) any line starting with
keyserver, but was not able to adapt the dirmngr.conf.
Upon inspection, thereafter, my GPA and Kleopatra were NOT correctly
Trying to figure out how GPA and Kleopatra could be adapted, I found,
for GPA: Menu > Edit > Backend preferences > Network > Configuration for
Keyservers > Use custom value > adapt to hkps://keys.openpgp.org
For Kleopatra: Menu > Settings > Configure Kleopatra > Directory
Services > Open PGP Keyserver > adapt to hkps://keys.openpgp.org
(I would have included an inline screenshot, but this list is allergic
Apparently these GUI manipulations generated the ~/.gnupg/dirmngr.conf
file! (Only hereafter they existed). And that file indeed showed the new
GPG4Win and Enigmail need further research. (This is a suggestion. I
cannot do it).
And further, I would have expected a program update that sets the
defaults to the ones suggested by Hansen and DKG. Or is the matter still
under consideration, or is it not that important? (I personally cannot
The only hint that I can give: The WoT nor keyservers are not very
important in my case. I use GnuPG inside a small group of people who
(for identity verification) can talk to each other, at least by
telephone. I do not use Enigmail (since limited to few mail clients and
not accepted by sufficient of my recipients), but just send encrypted
messages as attachments.
More information about the Gnupg-users