-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hey,
and while we are on the subject: If I install my Class 2 (!) OV
Certificate from startssl the hkps button changes red. A valid
certificte is not valid. I can understand that self-signed
certificates will turn the hkps indicator red, but why
Could you please explain the color-codes (on the page?).
Red/green is obvious, but I don't know where this orange
color for hkps sites comes from (SNI?)
Indeed, or the meta page for the server in question.
By the way. Kristian!
May I suggest you to use title=explanation attributes within td
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 05/28/2014 08:30 AM, Christian wrote:
Hey,
and while we are on the subject: If I install my Class 2 (!) OV
Certificate from startssl the hkps button changes red. A valid
certificte is not valid. I can understand that self-signed
On 28/05/14 12:11, Kristian Fiskerstrand wrote:
They will not be able to issue a certificate related to
hkps.pool.sks-keyservers.net as CN or subjectAltName, i.e. the
validation on a pool would fail.
It was too early in the morning, even pre-coffee.
I honestly didn't see that coming and
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 05/27/2014 11:41 PM, Andrew Alderwick wrote:
Dear Rolf,
On Tue, May 27, 2014 at 10:18:31PM +0200, Rolf Wuerdemann wrote:
Am 27.05.2014 17:41, schrieb Kristian Fiskerstrand:
On 05/27/2014 05:00 PM, Daniel Kahn Gillmor wrote:
To check the
Hello Kristian,
I hardly think that *any* client has the CA of sks installed per
default (nor would an average client care to).
it is part of gnupg 2.1 [0]
hm ... even if gnugpg 2.1 will check the CRL (i assume, you don't (plan
to) run an OCSP-server) ...
when i access the keyserver-pool
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 05/28/2014 01:05 PM, dirk astrath wrote:
Hello Kristian,
I hardly think that *any* client has the CA of sks installed
per default (nor would an average client care to).
it is part of gnupg 2.1 [0]
hm ... even if gnugpg 2.1 will check the
Hello Kristian,
The CRL is published on [0] as stated on [1]. You are correct that for
a few of the later certs no CRL has been published along the cert (mea
cupla - I made in my config file). However if you see e.g [2] the CRL
distribution point is back in the certs.
References:
[0]
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Hi,
I am looking for peers for a new public SKS server. The server is running
sks version 1.1.4 on http://keys.connectical.com:11371/, and it's
physically located in Madrid (Spain). The server has only IPv4 connectivity.
The initial keydump is
Hi,
added your server to my membership file please also do this with my
server
sks.static.lu 11370 # Martin Albus i...@rdns.cc 0xEF3D2226
-Martin
On 28.05.2014 20:43, Andrés J. Díaz wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Hi,
I am looking for peers for a new public SKS
10 matches
Mail list logo