On Fri, Feb 22, 2019 at 9:58 PM Matthew Thode <prometheanf...@gentoo.org> wrote: > > Ok, after setting that up portage wants to update pgp keys, which fail > because keyservers suck. It doesn't look like we can change the > keyservers or disable the update entirely but we can set the retries to > 0 (which better disable it...). Robbat2 had a patch to allow disabling > the update but it doesn't look like it was applied.
I assume that it proceeds after some timeout? Or does it completely bail? IMO failing successful makes more sense though it is less secure. It definitely makes sense to attempt a keyserver update since that is going to be the mechanism to catch key revocations. It also will make life easier on users using an older stage3 that happens to have expired keys. Well, assuming the keyserver works... -- Rich