On Thu, 26 Mar 2020 17:55, gus said:
> gpg: error retrieving 'torbrow...@torproject.org' via WKD: Ricevuto
> un
> messaggio di avviso fatale
> gpg: error reading key: Ricevuto un messaggio di avviso fatale
That is: "Fatal alert message received" which comes from the TLS
layer. To see the actual cause you need to add
log-file /some/file
tls-debug 2
or a higher level to dirmngr.conf and "gpgconf --reload dirmngr". For
me a
gpg --locate-external-keys -v torbrow...@torproject.org
(--locate-external-key is easier to type than yours. It excludes the
local keys and thus always goes out to the WKD) then gives:
DBG: ntbtls(2): got an alert message, type: [2:40]
DBG: ntbtls(1): is a fatal alert message (msg 40)
DBG: ntbtls(1): (handshake failed)
DBG: ntbtls(1): read_record returned: Fatal alert message received
DBG: ntbtls(2): handshake ready
TLS handshake failed: Fatal alert message received
error connecting to 'https://openpgpkey.tor[...]
A reason for the failed handhake might be that no common parameters
could be found. We would need to look at the server log or run tests
with that server to see what it expects. I copy the full TLS log below.
I have no GNUTLS based build currently available, if that works, it log
could give also some conclusion. However, on Windows we always use
NTBTLS.
Salam-Shalom,
Werner
--8<---cut here---start->8---
DBG: ntbtls(2): handshake
DBG: ntbtls(2): client state: 0 (hello_request)
DBG: ntbtls(3): flush output
DBG: ntbtls(2): client state: 1 (client_hello)
DBG: ntbtls(3): flush output
DBG: ntbtls(2): write client_hello
DBG: ntbtls(3): client_hello, max version: [3:3]
DBG: ntbtls(3): client_hello, current time: 1585298512
DBG: client_hello, random bytes:
5e7dbc5008b76aa83d09c4393a4bdbe792ad9fee5198c6d9f88357ad16020156
DBG: ntbtls(3): client_hello, session id len.: 0
DBG: client_hello, session id:
DBG: ntbtls(5): client_hello, add ciphersuite: 49192
TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384
DBG: ntbtls(5): client_hello, add ciphersuite: 107
TLS-DHE-RSA-WITH-AES-256-CBC-SHA256
DBG: ntbtls(5): client_hello, add ciphersuite: 49172
TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA
DBG: ntbtls(5): client_hello, add ciphersuite:57
TLS-DHE-RSA-WITH-AES-256-CBC-SHA
DBG: ntbtls(5): client_hello, add ciphersuite: 49271
TLS-ECDHE-RSA-WITH-CAMELLIA-256-CBC-SHA384
DBG: ntbtls(5): client_hello, add ciphersuite: 196
TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA256
DBG: ntbtls(5): client_hello, add ciphersuite: 136
TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA
DBG: ntbtls(5): client_hello, add ciphersuite: 49191
TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256
DBG: ntbtls(5): client_hello, add ciphersuite: 103
TLS-DHE-RSA-WITH-AES-128-CBC-SHA256
DBG: ntbtls(5): client_hello, add ciphersuite: 49171
TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA
DBG: ntbtls(5): client_hello, add ciphersuite:51
TLS-DHE-RSA-WITH-AES-128-CBC-SHA
DBG: ntbtls(5): client_hello, add ciphersuite: 49270
TLS-ECDHE-RSA-WITH-CAMELLIA-128-CBC-SHA256
DBG: ntbtls(5): client_hello, add ciphersuite: 190
TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA256
DBG: ntbtls(5): client_hello, add ciphersuite:69
TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA
DBG: ntbtls(5): client_hello, add ciphersuite: 49170
TLS-ECDHE-RSA-WITH-3DES-EDE-CBC-SHA
DBG: ntbtls(5): client_hello, add ciphersuite:22
TLS-DHE-RSA-WITH-3DES-EDE-CBC-SHA
DBG: ntbtls(5): client_hello, add ciphersuite: 49208
TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384
DBG: ntbtls(5): client_hello, add ciphersuite: 179
TLS-DHE-PSK-WITH-AES-256-CBC-SHA384
DBG: ntbtls(5): client_hello, add ciphersuite: 49206
TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA
DBG: ntbtls(5): client_hello, add ciphersuite: 145
TLS-DHE-PSK-WITH-AES-256-CBC-SHA
DBG: ntbtls(5): client_hello, add ciphersuite: 49307
TLS-ECDHE-PSK-WITH-CAMELLIA-256-CBC-SHA384
DBG: ntbtls(5): client_hello, add ciphersuite: 49303
TLS-DHE-PSK-WITH-CAMELLIA-256-CBC-SHA384
DBG: ntbtls(5): client_hello, add ciphersuite: 49207
TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA256
DBG: ntbtls(5): client_hello, add ciphersuite: 178
TLS-DHE-PSK-WITH-AES-128-CBC-SHA256
DBG: ntbtls(5): client_hello, add ciphersuite: 49205
TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA
DBG: ntbtls(5): client_hello, add ciphersuite: 144
TLS-DHE-PSK-WITH-AES-128-CBC-SHA
DBG: ntbtls(5): client_hello, add ciphersuite: 49302
TLS-DHE-PSK-WITH-CAMELLIA-128-CBC-SHA256
DBG: ntbtls(5): client_hello, add ciphersuite: 49306
TLS-ECDHE-PSK-WITH-CAMELLIA-128-CBC-SHA256
DBG: ntbtls(5): client_hello, add ciphersuite: 49204
TLS-ECDHE-PSK-WITH-3DES-EDE-CBC-SHA
DBG: ntbtls(5): client_hello, add ciphersuite: 143
TLS-DHE-PSK-WITH-3DES-EDE-CBC-SHA
DBG: ntbtls(5): client_hello, add ciphersuite:61
TLS-RSA-WITH-AES-256-CBC-SHA256
DBG: ntbtls(5): client_hello, add ciphersuite:53
TLS-RSA-WITH-AES-256-CBC-SHA
DBG: ntbtls(5): client_hello, add ciphersuite: 192
TLS-RSA-WITH-CAMELLIA-256-CBC-SHA256
DBG: ntbtls(5): client_hello, add ciphersuite: 132