-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Yes, it is exactly what you wrote. There is a common code, a patch, and all we can do is to wait until existing servers will update their code. Currently most of them uses the old version, I have found only on with cors http://key.ip6.li If you know about others, I will be glad to give my users possibility to select a desired server.
Pawel W dniu 15.05.2014, 16:26, Tim Prepscius pisze: > Most of the key servers (I hope) use the same code base, and there > was an update to support cors. > > So I think this will be available from many: > > On 04/19/2014 11:40 PM, [email protected] wrote: >> >> >> Greetings, >> >> I believe I asked a pgp key server http interface question on >> this list a while ago, and received a useful response. >> >> I also wrote [email protected] the request below.. With no >> response. > > For questions regarding keyservers, sks-devel[0] is probably your > best bet.. > >> >> >> >> Is there any way that the http pgp key servers could be changed >> to provide cors headers allowing access from any site? This >> could also be done through some proxy server (njinx?) which >> accepts, forwards and then concatenates cors headers to the >> response. > > This is alreday included in the SKS trunk as of commit [1] for an > upcoming 1.1.5 release. Once that is released > subset.pool.sks-keyservers.net[2] will be bumped to this as a min > requirement and can be used for your purposes. > > >> >> I realize this is not the pgp keyserver mailing list. But I >> figure the developers of that server also reside in this list -- >> and I'm not sure exactly which list is the right list to post >> to. >> > > References [0] http://lists.nongnu.org/archive/html/sks-devel/ [1] > https://bitbucket.org/skskeyserver/sks-keyserver/commits/f6e4e88a049a3497cc17b0ad15530782d78bc59f?at=default > > [2] https://sks-keyservers.net/overview-of-pools.php#pool_subset > > - -- - ---------------------------- Kristian Fiskerstrand Blog: > http://blog.sumptuouscapital.com Twitter: @krifisk - > ---------------------------- Public PGP key 0xE3EDFAE3 at > hkp://pool.sks-keyservers.net fpr:94CB AFDD 3034 5109 5618 35AA > 0B7F 8B60 E3ED FAE3 - ---------------------------- "I have always > wished that my computer would be as easy to use as my telephone. My > wish has come true -- I no longer know how to use my telephone" > (Bjarne Stroustrup, April 1999) > > > ============ > > Kristian Fiskerstrand <[email protected]> > To: "[email protected]" <[email protected]>, gnupg-users > <[email protected]> Hello, > > We are pleased to announce the availability of a new stable SKS > release: Version 1.1.5. > > SKS is an OpenPGP keyserver whose goal is to provide easy to > deploy, decentralized, and highly reliable synchronization. That > means that a key submitted to one SKS server will quickly be > distributed to all key servers, and even wildly out-of-date > servers, or servers that experience spotty connectivity, can fully > synchronize with rest of the system. > > What's New in 1.1.5 ==================== - Fixes for > machine-readable indices. Key expiration times are now read from > self-signatures on the key's UIDs. In addition, instead of 8-digit > key IDs, index entries now return the most specific key ID > possible: 16-digit key ID for V3 keys, and the full fingerprint > for V4 keys. - Add metadata information (number of keys, number of > files, checksums, etc) to key dump. This allows for information on > the key dump ahead of download/import, and direct verification of > checksums using md5sum -c <metadata-file>. - Replaced occurrances > of the deprecated operator 'or' with '||' (BB issue #2) - Upgraded > to cryptlib-1.7 and own changes are now packaged as separate > patches that is installed during 'make'. Added the SHA-3 algorithm, > Keccak - Option max_matches was setting max_internal_matches. > Fixed (BB issue #4) - op=hget now supports option=mr for > completeness (BB issue #17) - Add CORS header to web server > responses. Allows JavaScript code to interact with keyservers, for > example the OpenPGP.js project. - Change the default hkp_address > and recon_address to making the default configuration support IPv6. > (Requires OCaml 3.11.0 or newer) - Only use '-warn-error A' if the > source is marked as development as per the version suffix (+) (part > of BB Issue #2) - Reduce logging verbosity for debug level lower > than 6 for (i) bad requests, and (ii) no results found (removal of > HTTP headers in log) (BB Issue #13) - Add additional OIDs for ECC > RFC6637 style implementations (brainpool and secp256k1) (BB Issue > #25) and fix issue for 32 bit arches. - Fix a non-persistent > cross-site scripting possibility resulting from improper input > sanitation before writing to client. (BB Issue #26 | > CVE-2014-3207) > > > Note when upgrading from earlier versions of SKS > ==================== The default values for pagesize settings > changed in SKS 1.1.4. To continue using an existing DB from earlier > versions without rebuilding, explicit settings have to be added to > the sksconf file. pagesize: 4 ptree_pagesize: 1 > > Getting the Software ==================== SKS can be downloaded > from https://bitbucket.org/skskeyserver/sks-keyserver > > Prerequisites ==================== There are a few prerequisites to > building this code. You need: * ocaml-3.11.0 or later (ocaml-3.12.x > is recommended). Get it from <http://www.ocaml.org> * Berkeley DB > version 4.6.* or later, whereby 4.8 or later is recommended. You > can find the appropriate versions at > <http://www.oracle.com/technetwork/database/berkeleydb/downloads/index.html> > > * GNU Make and a C compiler (e.g gcc) > > Verifying the integrity of the download ==================== > Releases of SKS are signed using the SKS Keyserver Signing Key > available on public keyservers with the KeyID > > 0x41259773973A612A and has a fingerprint of > > C90E F143 0B3A C0DF D00E 6EA5 4125 9773 973A 612A. Using GnuPG, > verification can be accomplished by, first, retrieving the signing > key using > > gpg --keyserver pool.sks-keyservers.net --recv-key > 0x41259773973A612A followed by verifying that you have the correct > key > > gpg --keyid-format long --fingerprint 0x41259773973A612A > > should produce: > > pub 4096R/41259773973A612A 2012-06-27 Key fingerprint = C90E F143 > 0B3A C0DF D00E 6EA5 4125 9773 973A 612A A check should also be > made that the key is signed by trustworthy other keys; > > gpg --list-sigs 0x41259773973A612A > > and the fingerprint should be verified through other trustworthy > sources. Once you are certain that you have the correct key > downloaded, you can create a local signature, in order to remember > that you have verified the key. > > gpg --lsign-key 0x41259773973A612A > > Finally; verifying the downloaded file can be done using > > gpg --keyid-format long --verify sks-x.y.z.tgz.asc > > The resulting output should be similar to gpg: Signature made Wed > Jun 27 12:52:39 2012 CEST gpg: using RSA key > 41259773973A612A gpg: Good signature from "SKS Keyserver Signing > Key" > > Checksums for sks-1.1.5.tgz SHA1: > a353426e99de3fb02bf93b953f574335a9f2a590 > > SHA256: > 92a7f113f0ba7a28d51d7ced60a984d042d8524c651dc3fcafe9d11cc32981a0 > > Thanks ==================== We have to thank all the people who > helped with this release, by discussions on the mailing list, > submitting patches, or opening issues for items that needed our > attention. > > Happy Hacking, The SKS Team (Yaron, John, Kristian, Phil, and the > other contributors) > > > - -- - ---------------------------- Kristian Fiskerstrand Blog: > http://blog.sumptuouscapital.com Twitter: @krifisk - > ---------------------------- Public PGP key 0xE3EDFAE3 at > hkp://pool.sks-keyservers.net fpr:94CB AFDD 3034 5109 5618 35AA > 0B7F 8B60 E3ED FAE3 - ---------------------------- "Excellence is > not a singular act but a habit. You are what you do repeatedly."| > (Shaquille O'Neal) _______________________________________________ > Gnupg-users mailing list [email protected] > http://lists.gnupg.org/mailman/listinfo/gnupg-users > > On 5/15/14, Paweł Górny <[email protected]> wrote: >> >> >> Hello >> >> I am glad to inform you about the new release of PGpgp - PGP >> application for BlackBerry 10 smartphones, version 1.4. >> >> Please note: as I have found a keyserver which allows >> cross-domain connections, now it is possible to download the >> public keys. >> >> More details: http://pawelgorny.com/PGpgp/ >> >> Kind regards, >> >> Pawel Gorny >> >> > _______________________________________________ > > http://openpgpjs.org Subscribe/unsubscribe: > http://list.openpgpjs.org > - -- Paweł Górny mailto:[email protected] http://pawelgorny.com * only way to feel the noise is when it's good and loud * In reply please use the key: 0xF0F72044 -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.22 (Darwin) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIcBAEBCgAGBQJTdSCbAAoJELu+nPvw9yBEEc0P/3TbkAk6L+FIAy4bNv3L+m4a DTLgai7WNEJNLd3YSFjOQFziMW/rHd6lOAoeiZtWdxOmJN1ky4VgiACY8rIB7gbz nCUhEHI7n6xkzhMhWcqCUrEFPt54G7dAaJlOyz41/dyxIBarORnUS19GfIg4ePN8 4NXM/mSMLyKAP8t3nasMXrVmr3rZxmgdLGY75HKX3HegzwTjvXtwybZxF9e8Me5c DsO7fufVireFgv5iDXnaUcWVeVnvlVFZ8Pi5Xp7gaemPhUGRYx70XotZ5lQatbCm Pv4ZrCXCsMFOyjNhQ5wtY8XGHZjab0rqhjgQv4RoDpdypqefdEgOE/AIo7O5kwGa MZTnVIu5H5uhzYKJxNJn1AcITXb0XREtp+4yC5TSakeNq4QSPG+KX8+DiELV7hUx eWi0cF5DtaHrBg2cwLXaCJcshqahqtWXpSwfSQOwklbOXgWq8ndm0BbMufer80yC khvEzDsUPE9Q9zZm8EQIrfOzOPq+fbk+cSdF4kFxxdO8TJ9xTonLNc4R1MO+xKWr NdPEkl4ufzhPkwODQRTmxvysmDwPb9tKDZHr+myh6h3/2btGGcM2fBKgD2pUkQp8 BenCJDSLMn0bWkAzhQ37u3gfbstPMmzQPXrOHP9AbQqVaJi+QPjrHXqB4B8x4Gca d/IRrrv6ofazuOuNE35z =mbz7 -----END PGP SIGNATURE----- _______________________________________________ http://openpgpjs.org Subscribe/unsubscribe: http://list.openpgpjs.org
