Hostname of key server pool disappeared? hkps.pool.sks-keyservers.net

Jim Popovitch jimpop at domainmail.org
Tue Mar 19 17:42:10 CET 2019


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

On Tue, 2019-03-19 at 08:18 +0100, Werner Koch wrote:
> On Mon, 18 Mar 2019 23:09, ml-gnupg-xix.iii at linuxwan.net said:
> 
> > keys.gnupg.net is just a CNAME for hkps.pool.sks-keyservers.net. This
> > host appears to be the default for GNUpg configs.
> 
> FWIW, keys.gnupg.net is a hardcoded alias in dirmngr since 2.2.7 and
> thus the CNAME is not used since that version of GnuPG.

One of the issues with that is not supervising the alias you delegate power
to.

keys.gnupg.net (aka hkps.pool.sks-keyservers.net) only has servers in Europe.

keys.gnupg.net has EDNS0 issues  http://dnsviz.net/d/keys.gnupg.net/dnssec/

I do understand why someone decided to delegate keys.gnupg.net to someone
else, but is that healthy for GnuPG?

- -Jim P.
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEECPbAhaBWEfiXj/kxdRlcPb+1fkUFAlyRG+IACgkQdRlcPb+1
fkWieQ/+Nh849k2I7yLD6atD5TOTTXAzmVdGHYc8hz4Jn6Nrkr+Ppj11HheEg7n/
j1H+Y29yOtZcCrZn+0l475LPf8lzFF0zKyz3Y6kvaL4Z64LblKGewam1qLXBAuIv
orxoNNb8Oj+Wu+GapKvCUfPyPav+ZVU2XG36NMTEdnzvxfsJKheMBmtytnQTthLt
yOCHV17mV2gYcKCIbEllE7vFXER8tkHDP3uRvkQT+mB9vC/eEKQeOdguC4hCdMrx
J2fYfYv8slyF8kVKUt8ot/CeBmiLFkw4Aw5hmxmR1J7VuwIYzLeSeSqLwFihXTkk
ri7dYsfz7qcn1q/7mcQJEkiO0jR40iQOfLVJ/bUUD6R5RhqBwNfoXft59gKyHIeO
bGA6Gvzky0C7emRTesfIOgBdfD1Q23+3GVnC7scEgQTCyEXVUXidhY8msSyC/eD6
5zuBKKKB7BewVvtgecJw+bu/O3e53gouxvkLeHS6c+Y9jV1l017EsGZHCO6OU4wU
LUrdfYG/MOef6uJRk1kxHzDYiPsrH1DNyvKCCS4anoBaezIQfjubSrVPXGaJz+tB
e+sXVwc1jI6xYeNFZv5Vb6ZmKQ3rmbbeNkkLXYuiUIwj2pe+V/rhaCFA/FwYZHU/
1up8i9e2tHc64hjWO7D+hlHvbvOEegARQRno48NGWQXM9uXOppA=
=pVXK
-----END PGP SIGNATURE-----




More information about the Gnupg-users mailing list