On 05/30/2009 06:04 AM, Thijs Kinkhorst wrote: > I have asked our resident keyserver expert Teun on this matter. He is not > that > enthousiastic about both pools. As an example, he gives > http://sks-keyservers.net/status/ > where a lot of servers still use 1.0.10 which has a serious search bug. He > prefers to use a small set servers that he knows are well-funded (like our > pgp.surfnet.nl for which there is a budget to keep it maintained).
I agree with Teun that it's a shame there are so many 1.0,10 keyservers still in the pool. Even better would be to create a pool that explicitly excludes keyservers running known-problematic versions of SKS, and point it at that. i believe the sks-keyservers maintainer (Kristian Fiskerstrand) has published his scripts for maintaining the round-robin DNS, and even maintains subset.pool.sks-keyservers.net, which is SKS 1.1.0 (the latest version) only: http://lists.gnu.org/archive/html/sks-devel/2009-03/msg00124.html > I'm thinking that changing to 'pool.sks-keyservers.net' will in any case not > make matters worse. So perhaps we can do that. cool, thanks. If you really want to exclude 1.0.10, you might use subset.pool.sks-keyservers.net instead. --dkg
signature.asc
Description: OpenPGP digital signature
