Re: [Sks-devel] keys.gnupg.net anomaly

sks-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Sks-devel] keys.gnupg.net anomaly

From:	Alain Wolf
Subject:	Re: [Sks-devel] keys.gnupg.net anomaly
Date:	Sat, 30 Apr 2016 17:52:26 +0200
User-agent:	Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.7.2

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512



On 30.04.2016 at 17:29, James Cloos wrote:
>>>>>> "KG" == Kiss Gabor (Bitman) <address@hidden>
>>>>>> writes:
> 
> KG> I found requests for https://keys.gnupg.net/ in my Apache logs 
> KG> on keys.niif.hu. Of course they were unsuccessful because KG>
> my HTTP daemon is not set up to provide this virtual site.
> 
> KG> In the DNS we can see this: KG> keys.gnupg.net          CNAME
> pool.sks-keyservers.net
> 
> Certificates are available for hkps.pool.sks-keyservers.net,
> making requests to http://hkps.pool.sks-keyservers.net work.
> 
> Are certs available for keys.gnupg.net?
> 
> Or are we expected to offer self-signed certs for tls requests to
> that hostname?

As things currently are, we are not expected to serve HTTPS/HKPS on
everything else then hkps.pool.sks-keyservers.net.

keys.gnupg.net is an alias of pool.sks-keyservers.net which does not use
HTTPS/HKPS either.

Only way would be that the people in control of gnupg.net could provide
us with certs for i.e. hkps.keys.gnupg.net, as Kristian does for the SKS
pool and make a CNAME alias from hkps.keys.gnupg.net to
hkps.pool.sks-keyservers.net.

A lot of work and coordination for little gain and added confusion.

-----BEGIN PGP SIGNATURE-----

iQJ8BAEBCgBmBQJXJNS6XxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ1ODMzNjFDQzQ3RjU4RjJGRTVEMzFERUM3
NDk4QUQzNjFFNDA3NzFFAAoJEHSYrTYeQHce5YMP/0sYwAYhuwlYk1zpq4rHwUkh
8ahyK8jHTfyRRIKmEPeNkA4Gzpl2wvC1Viq6Swk4wv9Jzx4kTUnVYKjA7RjXgUN9
kerni3/Ujkjx670PVrJRXDxVu1POhJEKmfyRJDf1U+0r5kyB+TKf6787sNHKW+1X
h0evpG9pnsiO4UNy4vTeFuqsMEGbFr46tJgz8B2IH5sjBlhIaZdr9vyxiiuifdPD
SY/UlhOg3z239Nj7ed9rPY6QPXmtJYo5u+Q+GDxpIYKlWDj605cVYjgMZGN9bqff
9/SGyuFjbyT2GdBaZsqBQuSRCa+ZhpvVtQ+qpaMLf2VeA4StfcEUIIvutd0d7njj
o5/0NLFydr39oTb0avL08t1S25RbUFnaV7iGXz0k4bJ5PbFFgrzrBMA8MckK3h+1
7gnApdUaS3CGZoiLgJPwn+iiR8OxBmhOZmhF4LDRIiUYC2qi4T7I6WfNFjdYpjaO
Tx9rildYtXrdDllJApYfu6ZKT+CeMgFgqXR/ADIPvjnc3ifXqCDbzfOvHN/vTFcW
e7xe7j10F+Um4tU8/H+hFbE7Pi2/ofN2+FgZZ+3qFEC0ZpnkW1f6zNhocJGajQPZ
TG7ImqG3FmLika0HY3cjsyo+lfYaVO8Kcv3pJGQXjz/Q/+cO6GP0wpvKvWYRrKxQ
Q2x2imB+3oQfZS7IYTGU
=at85
-----END PGP SIGNATURE-----

[Prev in Thread]

Current Thread

[Next in Thread]

[Sks-devel] keys.gnupg.net anomaly, Kiss Gabor (Bitman), 2016/04/28
- Re: [Sks-devel] keys.gnupg.net anomaly, Christoph Egger, 2016/04/28
  - Re: [Sks-devel] keys.gnupg.net anomaly, Christoph Egger, 2016/04/28
  - Re: [Sks-devel] keys.gnupg.net anomaly, Andrew Gallagher, 2016/04/28
  - Re: [Sks-devel] keys.gnupg.net anomaly, Christoph Egger, 2016/04/28
    - Re: [Sks-devel] keys.gnupg.net anomaly, Brian Minton, 2016/04/28
- Re: [Sks-devel] keys.gnupg.net anomaly, Phil Pennock, 2016/04/29
  - Re: [Sks-devel] keys.gnupg.net anomaly, Kiss Gabor (Bitman), 2016/04/29
- Re: [Sks-devel] keys.gnupg.net anomaly, James Cloos, 2016/04/30
  - Re: [Sks-devel] keys.gnupg.net anomaly, Gabor Kiss, 2016/04/30
  - Re: [Sks-devel] keys.gnupg.net anomaly, Alain Wolf <=

Prev by Date: Re: [Sks-devel] keys.gnupg.net anomaly
Next by Date: [Sks-devel] IPv6 status monitoring broken?
Previous by thread: Re: [Sks-devel] keys.gnupg.net anomaly
Next by thread: [Sks-devel] IPv6 status monitoring broken?
Index(es):
- Date
- Thread