Re: [Sks-devel] CNAMEs for sks pool

2017-02-19 Thread Fabian Santiago 
thanks.

On Sun, Feb 19, 2017 at 6:59 PM, Phil Pennock
 wrote:
> On 2017-02-19 at 16:59 -0500, Fabian Santiago wrote:
>> may i ask, what are all of the CNAMEs for the pool? Thanks.
>
> Nobody knows for sure.  There can be arbitrary names.
>
> This is covered in:
>   https://bitbucket.org/skskeyserver/sks-keyserver/wiki/Peering
>
>   Beware that for port 11371 traffic, you must be able to handle
>   requests with any Host: header, for the various pools and CNAMEs which
>   exist, and you must accept requests with no User-Agent: header set, as
>   at least one major OpenPGP HKP client refuses to set a User-Agent
>   field when talking to keyservers.
>
> You don't need to accept unknown names on ports 80/443.
>
> The most _common_ CNAMEs are at:
>   https://www.sks-keyservers.net/overview-of-pools.php
> and also "keys.gnupg.net", which points to one of those.
>
> Other people can set up their own CNAMEs; Kristian's service is widely
> used, including by gnupg.net, but not in any way especially privileged.
>
> -Phil

___
Sks-devel mailing list
Sks-devel@nongnu.org
https://lists.nongnu.org/mailman/listinfo/sks-devel

Re: [Sks-devel] CNAMEs for sks pool

2017-02-19 Thread Phil Pennock 
On 2017-02-19 at 16:59 -0500, Fabian Santiago wrote:
> may i ask, what are all of the CNAMEs for the pool? Thanks.

Nobody knows for sure.  There can be arbitrary names.

This is covered in:
  https://bitbucket.org/skskeyserver/sks-keyserver/wiki/Peering

  Beware that for port 11371 traffic, you must be able to handle
  requests with any Host: header, for the various pools and CNAMEs which
  exist, and you must accept requests with no User-Agent: header set, as
  at least one major OpenPGP HKP client refuses to set a User-Agent
  field when talking to keyservers.

You don't need to accept unknown names on ports 80/443.

The most _common_ CNAMEs are at:
  https://www.sks-keyservers.net/overview-of-pools.php
and also "keys.gnupg.net", which points to one of those.

Other people can set up their own CNAMEs; Kristian's service is widely
used, including by gnupg.net, but not in any way especially privileged.

-Phil

___
Sks-devel mailing list
Sks-devel@nongnu.org
https://lists.nongnu.org/mailman/listinfo/sks-devel

[Sks-devel] CNAMEs for sks pool

2017-02-19 Thread Fabian Santiago 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

may i ask, what are all of the CNAMEs for the pool? Thanks.

- - Fabian S.

-BEGIN PGP SIGNATURE-
Version: Mailvelope v1.6.5
Comment: https://www.mailvelope.com

wsFcBAEBCAAQBQJYqhUuCRBVUCsO65Bw/AAAkfEP/2iPcquRLLyj55ughUIf
Ydg5ZH6a6NVuBx89tXQ8ZP/FeAaDBL86wahiR0gtzHQXcSEqf0TA1Uh/Eceg
p3MjYa63iI7aInNUBxhruAJOLZhNEFsT8qtx3GSW+KbTp3c9DZQ1Mu/NzKf5
5akDcOdbR/Tj1Un1kUdcVNV7x32yh/obBUd7ooRtW29zROw9h6K4dVIRvwim
N62HahbacBnv27hDIl3wtOb3mood/E7JlGUwPEiwC9Pm1tt5a7XBHz6OUbmE
97iJd0gAjP3bO9V0xtQ9KPd/8r459C+MjNfGDAVsA31ZvkEBWfjsr6hf7c+m
cNB3NYFIi5xkdqFn4RUky9if0wQwPIzQ7YoOxkWrckjudSm9BPXOOfStZfQ3
d3DgR2q8FPGevHik7sWtgeftuiD1oXgGs2UitwLGHE6I6pHDXIrLhMzIihG6
22yfQo6ljRHj/SUUz+O9rBd2VNCtcY9gsREb2k9c1Z+W66RCV0+1lz6NRf+0
3xt+F4/VQuqw1OIXX+7lxBemrPWt1/A2DGysc8fOUzRxZcThNveFNk1i1njU
8C7Pgl1lTzVWuGwBWxRBjSyg/BEk/Vlyj1YlZGs7KARO3TLRgxMTp/5MiTf1
UWi9xvajDqqgHTWkvflkwsPoL98/VlJA1KjVVYg1EmDSPHn+rqnzlYa+Xxuj
KU6q
=eK0+
-END PGP SIGNATURE-

___
Sks-devel mailing list
Sks-devel@nongnu.org
https://lists.nongnu.org/mailman/listinfo/sks-devel