Sorry, I didn't realize you were on that list as well. Yah, I got the impression from her response that all of the key servers would update in the near future, and cors would be available from all.
-tim On 5/15/14, Paweł Górny <[email protected]> wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA512 > > Yes, it is exactly what you wrote. > There is a common code, a patch, and all we can do is to wait until > existing servers will update their code. Currently most of them uses > the old version, I have found only on with cors http://key.ip6.li > If you know about others, I will be glad to give my users possibility > to select a desired server. > > Pawel > > > W dniu 15.05.2014, 16:26, Tim Prepscius pisze: >> Most of the key servers (I hope) use the same code base, and there >> was an update to support cors. >> >> So I think this will be available from many: >> >> On 04/19/2014 11:40 PM, [email protected] wrote: >>> >>> >>> Greetings, >>> >>> I believe I asked a pgp key server http interface question on >>> this list a while ago, and received a useful response. >>> >>> I also wrote [email protected] the request below.. With no >>> response. >> >> For questions regarding keyservers, sks-devel[0] is probably your >> best bet.. >> >>> >>> >>> >>> Is there any way that the http pgp key servers could be changed >>> to provide cors headers allowing access from any site? This >>> could also be done through some proxy server (njinx?) which >>> accepts, forwards and then concatenates cors headers to the >>> response. >> >> This is alreday included in the SKS trunk as of commit [1] for an >> upcoming 1.1.5 release. Once that is released >> subset.pool.sks-keyservers.net[2] will be bumped to this as a min >> requirement and can be used for your purposes. >> >> >>> >>> I realize this is not the pgp keyserver mailing list. But I >>> figure the developers of that server also reside in this list -- >>> and I'm not sure exactly which list is the right list to post >>> to. >>> >> >> References [0] http://lists.nongnu.org/archive/html/sks-devel/ [1] >> https://bitbucket.org/skskeyserver/sks-keyserver/commits/f6e4e88a049a3497cc17b0ad15530782d78bc59f?at=default >> >> > [2] https://sks-keyservers.net/overview-of-pools.php#pool_subset >> >> - -- - ---------------------------- Kristian Fiskerstrand Blog: >> http://blog.sumptuouscapital.com Twitter: @krifisk - >> ---------------------------- Public PGP key 0xE3EDFAE3 at >> hkp://pool.sks-keyservers.net fpr:94CB AFDD 3034 5109 5618 35AA >> 0B7F 8B60 E3ED FAE3 - ---------------------------- "I have always >> wished that my computer would be as easy to use as my telephone. My >> wish has come true -- I no longer know how to use my telephone" >> (Bjarne Stroustrup, April 1999) >> >> >> ============ >> >> Kristian Fiskerstrand <[email protected]> >> To: "[email protected]" <[email protected]>, gnupg-users >> <[email protected]> Hello, >> >> We are pleased to announce the availability of a new stable SKS >> release: Version 1.1.5. >> >> SKS is an OpenPGP keyserver whose goal is to provide easy to >> deploy, decentralized, and highly reliable synchronization. That >> means that a key submitted to one SKS server will quickly be >> distributed to all key servers, and even wildly out-of-date >> servers, or servers that experience spotty connectivity, can fully >> synchronize with rest of the system. >> >> What's New in 1.1.5 ==================== - Fixes for >> machine-readable indices. Key expiration times are now read from >> self-signatures on the key's UIDs. In addition, instead of 8-digit >> key IDs, index entries now return the most specific key ID >> possible: 16-digit key ID for V3 keys, and the full fingerprint >> for V4 keys. - Add metadata information (number of keys, number of >> files, checksums, etc) to key dump. This allows for information on >> the key dump ahead of download/import, and direct verification of >> checksums using md5sum -c <metadata-file>. - Replaced occurrances >> of the deprecated operator 'or' with '||' (BB issue #2) - Upgraded >> to cryptlib-1.7 and own changes are now packaged as separate >> patches that is installed during 'make'. Added the SHA-3 algorithm, >> Keccak - Option max_matches was setting max_internal_matches. >> Fixed (BB issue #4) - op=hget now supports option=mr for >> completeness (BB issue #17) - Add CORS header to web server >> responses. Allows JavaScript code to interact with keyservers, for >> example the OpenPGP.js project. - Change the default hkp_address >> and recon_address to making the default configuration support IPv6. >> (Requires OCaml 3.11.0 or newer) - Only use '-warn-error A' if the >> source is marked as development as per the version suffix (+) (part >> of BB Issue #2) - Reduce logging verbosity for debug level lower >> than 6 for (i) bad requests, and (ii) no results found (removal of >> HTTP headers in log) (BB Issue #13) - Add additional OIDs for ECC >> RFC6637 style implementations (brainpool and secp256k1) (BB Issue >> #25) and fix issue for 32 bit arches. - Fix a non-persistent >> cross-site scripting possibility resulting from improper input >> sanitation before writing to client. (BB Issue #26 | >> CVE-2014-3207) >> >> >> Note when upgrading from earlier versions of SKS >> ==================== The default values for pagesize settings >> changed in SKS 1.1.4. To continue using an existing DB from earlier >> versions without rebuilding, explicit settings have to be added to >> the sksconf file. pagesize: 4 ptree_pagesize: 1 >> >> Getting the Software ==================== SKS can be downloaded >> from https://bitbucket.org/skskeyserver/sks-keyserver >> >> Prerequisites ==================== There are a few prerequisites to >> building this code. You need: * ocaml-3.11.0 or later (ocaml-3.12.x >> is recommended). Get it from <http://www.ocaml.org> * Berkeley DB >> version 4.6.* or later, whereby 4.8 or later is recommended. You >> can find the appropriate versions at >> <http://www.oracle.com/technetwork/database/berkeleydb/downloads/index.html> >> >> > * GNU Make and a C compiler (e.g gcc) >> >> Verifying the integrity of the download ==================== >> Releases of SKS are signed using the SKS Keyserver Signing Key >> available on public keyservers with the KeyID >> >> 0x41259773973A612A and has a fingerprint of >> >> C90E F143 0B3A C0DF D00E 6EA5 4125 9773 973A 612A. Using GnuPG, >> verification can be accomplished by, first, retrieving the signing >> key using >> >> gpg --keyserver pool.sks-keyservers.net --recv-key >> 0x41259773973A612A followed by verifying that you have the correct >> key >> >> gpg --keyid-format long --fingerprint 0x41259773973A612A >> >> should produce: >> >> pub 4096R/41259773973A612A 2012-06-27 Key fingerprint = C90E F143 >> 0B3A C0DF D00E 6EA5 4125 9773 973A 612A A check should also be >> made that the key is signed by trustworthy other keys; >> >> gpg --list-sigs 0x41259773973A612A >> >> and the fingerprint should be verified through other trustworthy >> sources. Once you are certain that you have the correct key >> downloaded, you can create a local signature, in order to remember >> that you have verified the key. >> >> gpg --lsign-key 0x41259773973A612A >> >> Finally; verifying the downloaded file can be done using >> >> gpg --keyid-format long --verify sks-x.y.z.tgz.asc >> >> The resulting output should be similar to gpg: Signature made Wed >> Jun 27 12:52:39 2012 CEST gpg: using RSA key >> 41259773973A612A gpg: Good signature from "SKS Keyserver Signing >> Key" >> >> Checksums for sks-1.1.5.tgz SHA1: >> a353426e99de3fb02bf93b953f574335a9f2a590 >> >> SHA256: >> 92a7f113f0ba7a28d51d7ced60a984d042d8524c651dc3fcafe9d11cc32981a0 >> >> Thanks ==================== We have to thank all the people who >> helped with this release, by discussions on the mailing list, >> submitting patches, or opening issues for items that needed our >> attention. >> >> Happy Hacking, The SKS Team (Yaron, John, Kristian, Phil, and the >> other contributors) >> >> >> - -- - ---------------------------- Kristian Fiskerstrand Blog: >> http://blog.sumptuouscapital.com Twitter: @krifisk - >> ---------------------------- Public PGP key 0xE3EDFAE3 at >> hkp://pool.sks-keyservers.net fpr:94CB AFDD 3034 5109 5618 35AA >> 0B7F 8B60 E3ED FAE3 - ---------------------------- "Excellence is >> not a singular act but a habit. You are what you do repeatedly."| >> (Shaquille O'Neal) _______________________________________________ >> Gnupg-users mailing list [email protected] >> http://lists.gnupg.org/mailman/listinfo/gnupg-users >> >> On 5/15/14, Paweł Górny <[email protected]> wrote: >>> >>> >>> Hello >>> >>> I am glad to inform you about the new release of PGpgp - PGP >>> application for BlackBerry 10 smartphones, version 1.4. >>> >>> Please note: as I have found a keyserver which allows >>> cross-domain connections, now it is possible to download the >>> public keys. >>> >>> More details: http://pawelgorny.com/PGpgp/ >>> >>> Kind regards, >>> >>> Pawel Gorny >>> >>> >> _______________________________________________ >> >> http://openpgpjs.org Subscribe/unsubscribe: >> http://list.openpgpjs.org >> > > > - -- > Paweł Górny > mailto:[email protected] http://pawelgorny.com > * only way to feel the noise is when it's good and loud * > > In reply please use the key: 0xF0F72044 > -----BEGIN PGP SIGNATURE----- > Version: GnuPG/MacGPG2 v2.0.22 (Darwin) > Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ > > iQIcBAEBCgAGBQJTdSCbAAoJELu+nPvw9yBEEc0P/3TbkAk6L+FIAy4bNv3L+m4a > DTLgai7WNEJNLd3YSFjOQFziMW/rHd6lOAoeiZtWdxOmJN1ky4VgiACY8rIB7gbz > nCUhEHI7n6xkzhMhWcqCUrEFPt54G7dAaJlOyz41/dyxIBarORnUS19GfIg4ePN8 > 4NXM/mSMLyKAP8t3nasMXrVmr3rZxmgdLGY75HKX3HegzwTjvXtwybZxF9e8Me5c > DsO7fufVireFgv5iDXnaUcWVeVnvlVFZ8Pi5Xp7gaemPhUGRYx70XotZ5lQatbCm > Pv4ZrCXCsMFOyjNhQ5wtY8XGHZjab0rqhjgQv4RoDpdypqefdEgOE/AIo7O5kwGa > MZTnVIu5H5uhzYKJxNJn1AcITXb0XREtp+4yC5TSakeNq4QSPG+KX8+DiELV7hUx > eWi0cF5DtaHrBg2cwLXaCJcshqahqtWXpSwfSQOwklbOXgWq8ndm0BbMufer80yC > khvEzDsUPE9Q9zZm8EQIrfOzOPq+fbk+cSdF4kFxxdO8TJ9xTonLNc4R1MO+xKWr > NdPEkl4ufzhPkwODQRTmxvysmDwPb9tKDZHr+myh6h3/2btGGcM2fBKgD2pUkQp8 > BenCJDSLMn0bWkAzhQ37u3gfbstPMmzQPXrOHP9AbQqVaJi+QPjrHXqB4B8x4Gca > d/IRrrv6ofazuOuNE35z > =mbz7 > -----END PGP SIGNATURE----- > _______________________________________________ > > http://openpgpjs.org > Subscribe/unsubscribe: http://list.openpgpjs.org _______________________________________________ http://openpgpjs.org Subscribe/unsubscribe: http://list.openpgpjs.org
