On Wed, 16 Feb 2022 18:03, raf said:
> But maybe it is dead. I don't really need it. My only interest was that
Yes, it is dead. Except for a minority of users, it is impossible to
easily add new resource records. However, putting new files on a
webserver is easy.
FWIW, you can build your keys
On 15/02/2022 23:37, Dan Mahoney wrote:
That's a decision I leave up to the people who *make* the key (and the
software that it's signing).
Sorry, from your previous message it sounded like you were publishing
your own software.
(and it's no longer the case that you can publish just
On Tue, Feb 15, 2022 at 12:32:50PM -0800, "Dan Mahoney (Gushi) via Gnupg-users"
wrote:
> Hey all,
>
> A long time ago I wrote a doc on a blog about putting PGP keys in the DNS,
> which has been linked to quite a bit. I also recoded make-dns-cert as a
> shell script so that people who want to
> On Feb 15, 2022, at 2:45 PM, Andrew Gallagher wrote:
>
>
>> On 15 Feb 2022, at 21:46, Dan Mahoney (Gushi) via Gnupg-users
>> wrote:
>>
>> Since the debacle a few years ago with the SKS keyserver denial-of-service
>> attack, the keyservers are kind of a non-starter.
>
> Why so?
On Tuesday, 15 February 2022 20:32:50 GMT Dan Mahoney (Gushi) via Gnupg-users
wrote:
> Worse still, if you know a key exists via something like DANE (dayjob
> makes DNS software, we like the idea of it being available via DANE),
> there's no way to do gpg --search via DANE, only via a keyserver.
On Tue, Feb 15, 2022 at 12:32:50PM -0800, Dan Mahoney (Gushi) via Gnupg-users
wrote:
> Thus, using that as a prefetch method to grab the current version of our
> codesign@ key into our keyring is not helpful either, unless we "faked it"
> by attempting to encrypt a message to that address, then
> On 15 Feb 2022, at 21:46, Dan Mahoney (Gushi) via Gnupg-users
> wrote:
>
> Since the debacle a few years ago with the SKS keyserver denial-of-service
> attack, the keyservers are kind of a non-starter.
Why so? Keyservers are still around, and the ones that survived the apocalypse
are
On Dienstag, 15. Februar 2022 21:32:50 CET Dan Mahoney (Gushi) via Gnupg-users
wrote:
> Worse still, if you know a key exists via something like DANE (dayjob
> makes DNS software, we like the idea of it being available via DANE),
> there's no way to do gpg --search via DANE, only via a keyserver.
Hey all,
A long time ago I wrote a doc on a blog about putting PGP keys in the DNS,
which has been linked to quite a bit. I also recoded make-dns-cert as a
shell script so that people who want to do this but don't have access to
the make-dns-cert tool (which is not built by default on some
