Re: [Sks-devel] HKPS configuration?

sks-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Sks-devel] HKPS configuration?

From:	Kristian Fiskerstrand
Subject:	Re: [Sks-devel] HKPS configuration?
Date:	Tue, 11 Feb 2014 23:04:06 +0100
User-agent:	Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Thunderbird/24.3.0

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

On 02/11/2014 10:13 PM, Falcon Darkstar Momot wrote:
> On 2/11/2014 11:06 AM, Gabor Kiss wrote:
>>> hkps is basically a 443 to hkp forward - I am using nginx for
>>> that. Just be SURE you do NOT use SNI or rely/ need a
>>> vhost/hostname as some client/most clients (gnupg) do not send
>>> this information. It is actually only feasible on a dedicated
>>> IP for SKS where Port 443 is solely used for https/hkps.
>> My cliens have bad luck in this case. :-( I cannot assign extra
>> IPv4 address to this service.
>> 
>> Gabor
> Why use port 443?  Nearly any port would work just fine, and using
> not 443 would remove the need for SNI while still not needing
> additional IPs.
> 

Although the pool software supports detection of the port from SRV
records (and actually does, as shown in the meta data of servers),
reporting these back to the users is currently disabled due to
Issue1446[0] and Issue1447[1] in GnuPG

[0] http://bugs.g10code.com/gnupg/issue1446
[1] http://bugs.g10code.com/gnupg/issue1447


- -- 
- ----------------------------
Kristian Fiskerstrand
Blog: http://blog.sumptuouscapital.com
Twitter: @krifisk
- ----------------------------
Public PGP key 0xE3EDFAE3 at hkp://pool.sks-keyservers.net
fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3
- ----------------------------
There are two tragedies in life. One is to lose your heart's desire.
The other is to gain it.
 - George Bernard Shaw
-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJS+p5WAAoJEPw7F94F4TagkSAQALSiq+UrIvvvmoCy+nXfIvPb
PEmObO+m1Yadg4F8RM+4fFUff+00GBtSnrduCHew5LnZcFnBj8R8aNwV863ZAZtf
Ne3OiDBQO3e3gjHP05jv4UUJ1tclQIuRWYFQCCmqElTWQrixgFvl17V+4z0ZMd85
YxEB3G2Dvo11Gq4W8pkCkJsKk3EVgEl4gEWT68HzgsSXJNzDN/9+2bzZ1Wol179m
wvRzFT1l3F1PeRDDcoPYqE66sJ8ejR7AWRXBjosAGLZLazYv15i8vqKQ3XrBQ+I0
DFYoGecMyNCe7b5IOmJRzLmLWChtGLlClm7WxYkYoNDqUGKRbRIkQog9KvcIuzhl
iniClevhSZYViVMdOHDpbNLPXQuxhfcSIo+8p5R6Dmf4aoWVMHQ1vier6jlsCRn8
ckfhbeKPE849uaHfhyt80SsmXTIWNMQjcLCfu6rcmWrc0zX0bV9uyL95ZT2pCckZ
fpSfHzXLJRnV+q5oJi0/JDXwgbqwjdTQvDMQp6+3UPGhcU95g7YsfKDuy18SGxsr
yNXcTuS2habIS0yiCGMzc9JqR7thivCnVbKj5lFIV6EpCj5OvZgVPPZZTGA09i9A
BlEApKU8Bo0gxYJ11JNcrFuydXbSsJyUWLQqjFJo5Z5xUT6c004OGi6LDAyxehYA
o8168hTFRN1NpG070woz
=J7Ng
-----END PGP SIGNATURE-----

[Prev in Thread]

Current Thread

[Next in Thread]

[Sks-devel] HKPS configuration?, Tyler Schwend, 2014/02/11
- Re: [Sks-devel] HKPS configuration?, Christian Reiß, 2014/02/11
  - Re: [Sks-devel] HKPS configuration?, Daniel Kahn Gillmor, 2014/02/11
    - Re: [Sks-devel] HKPS configuration?, Christian Reiß, 2014/02/11
    - Re: [Sks-devel] HKPS configuration?, Kristian Fiskerstrand, 2014/02/11
  - Re: [Sks-devel] HKPS configuration?, Gabor Kiss, 2014/02/11
    - Re: [Sks-devel] HKPS configuration?, Falcon Darkstar Momot, 2014/02/11
    - Re: [Sks-devel] HKPS configuration?, Kristian Fiskerstrand <=

Prev by Date: Re: [Sks-devel] HKPS configuration?
Next by Date: [Sks-devel] Need gossip partners for sks server
Previous by thread: Re: [Sks-devel] HKPS configuration?
Next by thread: [Sks-devel] Fate of keyserver.undergrid.net
Index(es):
- Date
- Thread