Re: hkps.pool.sks-keyservers.net DNS failing to resolve

2020-01-16 Thread Kristian Fiskerstrand
On 15.01.2020 19:19, Todd Fleisher wrote: > Thanks for the update, it looks like DNS recovered shortly after this > message was sent. However, I’m still seeing an expired CRL > @ https://sks-keyservers.net/ca/crl.pem Yes, I cheated and disabled the check for the pool (no certs are revoked for any

Re: hkps.pool.sks-keyservers.net DNS failing to resolve

2020-01-15 Thread Todd Fleisher
Hi Kristian, Thanks for the update, it looks like DNS recovered shortly after this message was sent. However, I’m still seeing an expired CRL @ https://sks-keyservers.net/ca/crl.pem -T > On Jan 15, 2020, at 2:19 AM, Kristian Fiskerstrand > wrote: > > O

Re: hkps.pool.sks-keyservers.net DNS failing to resolve

2020-01-15 Thread Kristian Fiskerstrand
On 15.01.2020 02:28, Todd Fleisher wrote: > Hopefully Kristian finds and fixes his issue in the morning. thanks for the heads up everyone; should be back up on next update run (cause: crl expired) -- Kristian Fiskerstrand Blog: https://blog.sumptuouscapital.com Twitte

Re: hkps.pool.sks-keyservers.net DNS failing to resolve

2020-01-14 Thread Todd Fleisher
Hi David, That’s correct … https://i.imgur.com/eOBk0Sp.gifv … https://i.imgur.com/40Ekopq.jpg Hopefully Kristian finds and fixes his issue in the morning. -T > On Jan 14, 2020, at 5:17 PM, David Moes wrote: > > Hi Todd, >

Re: hkps.pool.sks-keyservers.net DNS failing to resolve

2020-01-14 Thread David Moes
Hi Todd, For HPKS you must be added by Kristian to his self signed cert, without this you don't get listed as HPKS-capable node. David. Am 15.01.2020 um 02:05 schrieb Todd Fleisher: > Hi David, > Good catch, that would explain it. I suspect Kristian’s script that > checks the potential HKPS node

Re: hkps.pool.sks-keyservers.net DNS failing to resolve

2020-01-14 Thread Todd Fleisher
Hi David, Good catch, that would explain it. I suspect Kristian’s script that checks the potential HKPS nodes in order to update the DNS record is failing and/or not running. I have confirmed my HKPS-capable nodes/pool respond to queries & key uploads, but I’m not sure what criteria he is checki

Re: hkps.pool.sks-keyservers.net DNS failing to resolve

2020-01-14 Thread David Moes
Hi Todd, This is probably because there is no server in the pool at the moment that has HKPS. Check the status: https://sks-keyservers.net/status/ - (HKPS RED) Kind regards, David. Am 15.01.2020 um 00:25 schrieb Todd Fleisher: > Hi Kristian, > Starting @ 01-14-2020 20:45:18 UTC it seems DNS is

hkps.pool.sks-keyservers.net DNS failing to resolve

2020-01-14 Thread Todd Fleisher
Hi Kristian, Starting @ 01-14-2020 20:45:18 UTC it seems DNS is failing to resolve successfully, with the public resolvers & NS-GLOBAL.KJSL.COM returning NXDOMAIN & the remaining authoritative servers for the returning REFUSED. Results can be seen here: https://pastebin.com/raw/JweLJyYL