On Fri, 9 May 2014 02:14, cl...@jhcloos.com said:
Now that sks-keyservers.net6. is signed, it would be useful to add
TLSA RRs at:
Sure. However, I would really like to get a new beta out and not keep
on adding useful features without having a a working and beta released
code base.
Hi,
thanks for the comments. To get things straight, let me summarize my
understanding:
For plain HTTP:
- No change to the current code
or
- Resolve the name while following CNAME records to get a list of IP
addresses. Then connect any server at its IP address but use the
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 05/15/2014 12:07 PM, Werner Koch wrote:
Hi,
thanks for the comments. To get things straight, let me summarize
my understanding:
For plain HTTP:
- No change to the current code
or
- Resolve the name while following CNAME records
On 05/07/2014 03:51 PM, Werner Koch wrote:
On Wed, 7 May 2014 18:17, kristian.fiskerstr...@sumptuouscapital.com said:
I strongly suggest using the original hostname provided as SNI when
performing keyserver lookups, this is also consistent with current
Okay. What about a dirmngr options
On 2014-05-07 at 22:19 +0200, Kristian Fiskerstrand wrote:
On 05/07/2014 08:51 PM, Werner Koch wrote:
On Wed, 7 May 2014 18:17,
kristian.fiskerstr...@sumptuouscapital.com said:
I strongly suggest using the original hostname provided as SNI
when performing keyserver lookups, this is also
PP == Phil Pennock gnupg-de...@spodhuis.org writes:
PP If someone wants to design another validation mechanism for TLS
PP public keys when used for HKPS, perhaps based around OpenPGP
PP (Monkeysphere?) then that might be worthwhile to pursue.
Now that sks-keyservers.net6. is signed, it would
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 05/07/2014 05:04 PM, Werner Koch wrote:
On Tue, 6 May 2014 19:45,
kristian.fiskerstr...@sumptuouscapital.com said:
8412a5825c225c8ff14de3ffaad2e55e040b2eca `make -j4` fails on my
computer with ERROR described below. As of
Fixed.
On Wed, 7 May 2014 18:17, kristian.fiskerstr...@sumptuouscapital.com
said:
(i) as tmphost is derived from getnameinfo, the PTR record will be
used. A concrete example would be sks.karotte.org that resolve to
176.9.51.79 which has a PTR of alita.karotte.org. However no keyserver
is configured
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 05/07/2014 08:51 PM, Werner Koch wrote:
On Wed, 7 May 2014 18:17,
kristian.fiskerstr...@sumptuouscapital.com said:
I strongly suggest using the original hostname provided as SNI
when performing keyserver lookups, this is also