<html>

  <head>

    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">

  </head>

  <body>

    <br>

    <blockquote type="cite"

cite="mid:CALeiixV2y+-29gHsx6BFzoHcMX-USei0Rc-6v+zsbyfa9d3kaA@mail.gmail.com">

      <meta http-equiv="content-type" content="text/html; charset=UTF-8">

      <div dir="ltr">Starting on the morning of June 21 between ~6am and

        9am PDT, one of our CI jobs which fetches gpg keys with:

        <div><br>

        </div>

        <div><span style="color:rgb(0,0,0);font-family:monospace,monospace;font-size:13px;letter-spacing:0.1px;white-space:pre-wrap">gpg --keyserver hkp://<a href="http://pool.sks-keyservers.net" moz-do-not-send="true">pool.sks-keyservers.net</a> --recv-keys ...</span><br>

        </div>

        <div><span style="color:rgb(0,0,0);font-family:monospace,monospace;font-size:13px;letter-spacing:0.1px;white-space:pre-wrap">

</span></div>

        <div>.... started failing because of what looks like a failure

          to resolve the pool name.</div>

        <div><br>

        </div>

        <div>FWIW the following also fails in the same way:</div>

        <div><br>

        </div>

        <div><span style="color:rgb(0,0,0);font-family:monospace,monospace;font-size:13px;letter-spacing:0.1px;white-space:pre-wrap">gpg --keyserver hkp://<a href="http://ipv4.pool.sks-keyservers.net" moz-do-not-send="true">ipv4.pool.sks-keyservers.net</a> --recv-keys ...</span></div>

        <div><br>

        </div>

        <div>And testing from my machine, it looks like these names now

          get NXDOMAIN when attempting to resolve in DNS:</div>

        <div><br>

        </div>

        <div>

          <p class="gmail-p1"

style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-stretch:normal;font-size:11px;line-height:normal;font-family:Menlo;color:rgb(0,0,0)"><span

              class="gmail-s1"

              style="font-variant-ligatures:no-common-ligatures">$ host

              <a href="http://ipv4.pool.sks-keyservers.net"

                moz-do-not-send="true">ipv4.pool.sks-keyservers.net</a></span></p>

          <p class="gmail-p1"

style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-stretch:normal;font-size:11px;line-height:normal;font-family:Menlo;color:rgb(0,0,0)"><span

              class="gmail-s1"

              style="font-variant-ligatures:no-common-ligatures">Host <a

                href="http://ipv4.pool.sks-keyservers.net"

                moz-do-not-send="true">ipv4.pool.sks-keyservers.net</a>

              not found: 3(NXDOMAIN)</span></p>

          <p class="gmail-p1"

style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-stretch:normal;font-size:11px;line-height:normal;font-family:Menlo;color:rgb(0,0,0)"><span

              class="gmail-s1"

              style="font-variant-ligatures:no-common-ligatures"><br>

            </span></p>

          <p class="gmail-p1" style="margin:0px;font:11px

            Menlo;color:rgb(0,0,0)"><span class="gmail-s1"

              style="font-variant-ligatures:no-common-ligatures">$ host

              <a href="http://pool.sks-keyservers.net"

                moz-do-not-send="true">pool.sks-keyservers.net</a></span></p>

          <p class="gmail-p1"

style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-stretch:normal;font-size:11px;line-height:normal;font-family:Menlo;color:rgb(0,0,0)"><span

              class="gmail-s1"

              style="font-variant-ligatures:no-common-ligatures">

            </span></p>

          <p class="gmail-p1"

style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-stretch:normal;font-size:11px;line-height:normal;font-family:Menlo;color:rgb(0,0,0)"><span

              class="gmail-s1"

              style="font-variant-ligatures:no-common-ligatures">Host <a

                href="http://pool.sks-keyservers.net"

                moz-do-not-send="true">pool.sks-keyservers.net</a> not

              found: 3(NXDOMAIN)</span></p>

          <p class="gmail-p1"

style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-stretch:normal;font-size:11px;line-height:normal;font-family:Menlo;color:rgb(0,0,0)"><br>

          </p>

          <p class="gmail-p1"

style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-stretch:normal;line-height:normal"><br>

          </p>

          <p class="gmail-p1"

style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-stretch:normal;line-height:normal"><br>

          </p>

          <p class="gmail-p1"

style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-stretch:normal;line-height:normal">Did

            these names get permanently deleted? Any workarounds or

            suggestions would be appreciated.</p>

          <p class="gmail-p1"

style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-stretch:normal;line-height:normal"><br>

          </p>

        </div>

      </div>

    </blockquote>

    <p><br>

    </p>

    <p>Hey Alex,</p>

    <p>From what I can tell a lot of the keyservers are being shutdown.

      Take a look at the message on the SKS site (the SSL cert is

      expired) <a class="moz-txt-link-freetext" href="https://sks-keyservers.net/">https://sks-keyservers.net/</a>.</p>

    <p>You can read about some of whats going on from here

      <a class="moz-txt-link-freetext" href="https://gist.github.com/rjhansen/67ab921ffb4084c865b3618d6955275f">https://gist.github.com/rjhansen/67ab921ffb4084c865b3618d6955275f</a>.</p>

    <p>Sincerely,</p>

    <p>Brandon Anderson</p>

  </body>

</html>