Re: Preserving public keyserver network (Re: Which keyserver)

2020-10-24 Thread Stefan Claas via Gnupg-users
If it is a technical challenge and Kristian as head (pool maintainer), why does he not ask publicly the hockeypuck author, dkg and the sequoia-team, for help? As an example, if I would be Kristian I would do so, set-up with my pool gang a hockeypuck test-net (bootstrapped with a handful of pub

Re: Preserving public keyserver network (Re: Which keyserver)

2020-10-24 Thread Andrew Gallagher
> On 24 Oct 2020, at 10:41, Stefan Claas via Gnupg-users > wrote: > > there can > be no consensus achieved between privacy loving EU citizens and (US > based) SKS operators Most SKS operators are (were?) based outside the US. This is primarily a technical challenge, not a political one. A

Re: Preserving public keyserver network (Re: Which keyserver)

2020-10-24 Thread Stefan Claas via Gnupg-users
I can only speak for myself and see that when it comes to SKS that there can be no consensus achieved between privacy loving EU citizens and (US based) SKS operators, while Mailvelope and Hagrid respect the users' wishes. With that being said I am out and better let Mr Barr and Mr de Kerchove

Re: Preserving public keyserver network (Re: Which keyserver)

2020-10-23 Thread Andrew Gallagher
On 23/10/2020 13:23, Andrew Gallagher wrote: > * Hints could take the form of fake preferred-keyserver subpackets, in a > similar manner to fake "fpr:DEADBEEF" user-id packets that have been > previously discussed to support UID-less key refresh on legacy systems > (could both be combined in a

Re: Preserving public keyserver network (Re: Which keyserver)

2020-10-23 Thread Andrew Gallagher
On 23/10/2020 10:14, Bernhard Reiter wrote: > So yes, I also believe that improvements to hockeypuck or a fresh > implementation could step by step get the public keyserver network up again. I've thought about this quite a bit after my previous attempts to reconcile recon with selective

Preserving public keyserver network (Re: Which keyserver)

2020-10-23 Thread Bernhard Reiter
On Saturday 19 September 2020 23:34:32, Stefan Claas wrote: > I stand by my points that hockeypuck can solve the issues To me it makes sense to preserve a decentralised network of public keyservers [1]. In my post Preserving non-central and privacy with a "permission recording keyserver"

Re: Which keyserver

2020-09-20 Thread MFPA via Gnupg-users
Hi On Sunday 20 September 2020 at 11:29:07 PM, in , Mark wrote:- > I'm the one that asked the original question in > regards to GPG4Win. I > know with the latest version the default is > "hkp://keys.gnupg.net" Thanks, Mark. hkp://keys.gnupg.net is an alias for

Re: Which keyserver

2020-09-20 Thread Mark
I'm the one that asked the original question in regards to GPG4Win. I know with the latest version the default is "hkp://keys.gnupg.net" On 9/20/2020 4:58 AM, MFPA via Gnupg-users wrote: > Hi > > > On Saturday 19 September 2020 at 7:34:13 PM, in > , Phil > Pennock via Gnupg-users wrote:- > > >>

Re: Which keyserver

2020-09-20 Thread MFPA via Gnupg-users
Hi On Saturday 19 September 2020 at 7:34:13 PM, in , Phil Pennock via Gnupg-users wrote:- > The original question was: > } I use GPG4Win and I've noticed that > "hkp://keys.gnupg.net" is not > so that's what I answered. I asked a different but related question that occurred to me when I

Re: Which keyserver

2020-09-19 Thread Neal H. Walfield
Hi Andrew, On Sat, 19 Sep 2020 21:38:22 +0200, Andrew Gallagher wrote: > Hagrid “solves” the vandalism problem by abandoning > decentralisation. This is not strictly true. When we think about updating keys, there are two types of information that can be updated: - Identity Information (User

Re: Which keyserver

2020-09-19 Thread Stefan Claas
Andrew Gallagher wrote: > > > On 19 Sep 2020, at 21:06, Stefan Claas wrote: > > > > *With all due respect*, the problems you mention with the SKS protocol are > > IMHO absolutely solvable with hockeypuck if the > > author implements the same Mailvelope or Hagrid confirmation process for > >

Re: Which keyserver

2020-09-19 Thread Steffen Nurpmeso
Stefan Claas wrote in <20200919201736.2...@300baud.de>: |Robert J. Hansen wrote: |>> It is true the attacks were what brought it down, but the amount \ |>> of effort was not a "sustained |>> attack" by any measure. The invested resources are somewhere around \ |>> "couple hours and

Re: Which keyserver

2020-09-19 Thread Andrew Gallagher
> On 19 Sep 2020, at 21:06, Stefan Claas wrote: > > *With all due respect*, the problems you mention with the SKS protocol are > IMHO absolutely solvable with hockeypuck if the author > implements the same Mailvelope or Hagrid confirmation process for its users If you have not yet read the

Re: Which keyserver

2020-09-19 Thread Stefan Claas
Andrew Gallagher wrote: > > > On 19 Sep 2020, at 20:05, Stefan Claas wrote: > > > > Well, there is IMHO a good replacement for SKS available, called > > hockeypuck and it is written in modern Golang. > > This is beside the point. SKS is both a protocol and an implementation. > Hockeypuck is

Re: Which keyserver

2020-09-19 Thread Phil Pennock via Gnupg-users
On 2020-09-19 at 11:44 +0100, MFPA via Gnupg-users wrote: > On Friday 18 September 2020 at 4:32:55 PM, in > , Phil > Pennock via Gnupg-users wrote:- > > > > keys.gnupg.net is a CNAME for > > hkps.pool.sks-keyservers.net -- which is > > now returning zero results. > > > The GnuPG manual's

Re: Which keyserver

2020-09-19 Thread Andrew Gallagher
> On 19 Sep 2020, at 20:05, Stefan Claas wrote: > > Well, there is IMHO a good replacement for SKS available, called > hockeypuck and it is written in modern Golang. This is beside the point. SKS is both a protocol and an implementation. Hockeypuck is a reimplementation of the same protocol

Re: Which keyserver

2020-09-19 Thread Stefan Claas
Steffen Nurpmeso wrote: > Stefan Claas wrote in > <20200919201736.2...@300baud.de>: > |Robert J. Hansen wrote: > |>> It is true the attacks were what brought it down, but the amount \ > |>> of effort was not a "sustained > |>> attack" by any measure. The invested resources are somewhere

Re: Which keyserver

2020-09-19 Thread Stefan Claas
Robert J. Hansen wrote: > > It is true the attacks were what brought it down, but the amount of effort > > was not a "sustained > > attack" by any measure. The invested resources are somewhere around "couple > > hours and $0.00". > > I'm not sure that's true. [...] I think it does not

Re: Which keyserver

2020-09-19 Thread Robert J. Hansen
> It is true the attacks were what brought it down, but the amount of effort > was not a "sustained > attack" by any measure. The invested resources are somewhere around "couple > hours and $0.00". I'm not sure that's true. The keyserver poisoning attack was demonstrated first by EFF's Micah

Re: Which keyserver

2020-09-19 Thread MFPA via Gnupg-users
Hi On Friday 18 September 2020 at 4:32:55 PM, in , Phil Pennock via Gnupg-users wrote:- > keys.gnupg.net is a CNAME for > hkps.pool.sks-keyservers.net -- which is > now returning zero results. The GnuPG manual's description [0] of the Dirmngr option "--keyserver name" still ends with "If no

Re: Which keyserver

2020-09-18 Thread Vincent Breitmoser via Gnupg-users
> keys.gnupg.net is a CNAME for hkps.pool.sks-keyservers.net -- which is > now returning zero results. Let me break the prose down into the simple facts: * the "HKPS" pool is no longer actually a "pool". it is a [single server]. * the "HKP" pool still contains a few servers, but using it

Re: Which keyserver

2020-09-18 Thread Phil Pennock via Gnupg-users
On 2020-09-18 at 15:04 +0200, accounts-gn...@holbrook.no wrote: > Is it possible to define multiple sources of keys with WKD, for example > with a dns TXT record? The use-case would be if the main server is down, > alternative places to get it. The SRV record approach had to be dropped because

Re: Which keyserver

2020-09-18 Thread Mark
Phil, Thanks for the explanation on what was happening. I thought something was just not right as when I hit search it would come back in less than a second with 0 results. It seemed to me that it didn't actually even search through the database. Anyway now that you say there is not really a

Re: Which keyserver

2020-09-18 Thread Andreas Mattheiss
Hello, >Is it possible to define multiple sources of keys with WKD, for example >with a dns TXT record? Well, yes, actually. This can be done with both X509 certificates (where it is called SMIMEA) and gpg keys. Obtaining a key basically involves querying the appropriate TYPE in the DNS record

Re: Which keyserver

2020-09-18 Thread Phil Pennock via Gnupg-users
On 2020-09-18 at 08:06 -0700, Mark wrote: > I use GPG4Win and I've noticed that "hkp://keys.gnupg.net" is not > working right. I was not getting any hits back when searching with > Kleopatra and then I tried to ping that server which returned host not > found. So I'm also interested if there is a

Re: Which keyserver

2020-09-18 Thread Phil Pennock via Gnupg-users
On 2020-09-18 at 10:08 +0200, Franck Routier (perso) wrote: > On Thursday 17 September 2020 at 18:13 -0400, Phil Pennock via Gnupg-users > wrote: > > If publishing keys, I do recommend setting up WKD for your > > domain, which helps a little. > > What is the status of WKD now, and is it to

Re: Which keyserver

2020-09-18 Thread Mark
I use GPG4Win and I've noticed that "hkp://keys.gnupg.net" is not working right. I was not getting any hits back when searching with Kleopatra and then I tried to ping that server which returned host not found. So I'm also interested if there is a better choice. On 9/17/2020 1:57 PM, Martin

Re: Which keyserver

2020-09-18 Thread accounts-gnupg
I wasn't aware of WKD, thanks for the heads up. Is it possible to define multiple sources of keys with WKD, for example with a dns TXT record? The use-case would be if the main server is down, alternative places to get it. On Fri, Sep 18, 2020 at 12:55:45PM +0200, Vincent Breitmoser via

Re: Which keyserver

2020-09-18 Thread Vincent Breitmoser via Gnupg-users
> What is the status of WKD now, and is it to supersede centralized key > servers ? Not for folks who have their email address at the domain of an email provider, or an organization that doesn't support WKD. So statistically, everyone but a rounding error. That said, for folks who run their

Re: Which keyserver

2020-09-18 Thread Franck Routier (perso)
On Thursday 17 September 2020 at 18:13 -0400, Phil Pennock via Gnupg-users wrote: > If publishing keys, I do recommend setting up WKD for your > domain, which helps a little. What is the status of WKD now, and is it to supersede centralized key servers ? Franck

Re: Which keyserver

2020-09-17 Thread Phil Pennock via Gnupg-users
On 2020-09-17 at 22:57 +0200, Martin wrote: > Which keyserver do you recommend these days? For what purpose? For receiving updates to previously known keys, of people who care enough about their keys to distribute their keys across multiple keyservers instead of just going "I pushed it to the

Re: Which keyserver

2020-09-17 Thread Stefan Claas
Martin wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA256 > > Hi list > > Which keyserver do you recommend these days? > > I have hkps://keys.openpgp.org in gpg.conf - but it seems that there > are missing a lot of public keys on this server. Hi, good question ... I like