n3npq at me
May 29, 2012, 10:59 AM
Post #2 of 2
On May 29, 2012, at 1:26 PM, Werner Koch wrote:
Re: [Sks-devel] [FYI] keys.gnupg.net (was: changing the default for --keyid-format)
[In reply to]
> I can't remember whether I announced it, but since some weeks
> keys.gnupg.net is a CNAME to pool.sks-keyservers.net
> http-keys.gnupg.net is a CNAME to ha.pool.sks-keyservers.net
> The reason for this change is that it is useless to spend a lot of work
> in maintaining such a second pool. The folks behing sks-keyservers.net
> to a very well job. keys.gnupg.org is mentioned in the installed sample
> config file and thus likely used by many new users. Now it works again.
FWIW, the reasoning is/was similar in RPM choosing the sks-keyservers pool
as a default key server configuration:
There's no need to reinvent a better infrastructure.
So I'll chime in and piggy-back a +1 to Kristian Fiskerstrand here: Nice job!
The previous default of "keys.rpm5.org" might yet have to be resurrected
if it is not possible to also use SKS key servers as a notary registrar for
automatically generated key pairs generated by every invocation of
rpmbuild -ba foo.spec
The number of invocations of rpmbuild daily is likely larger than all other
pubkey uploads to SKS key servers combined.
Which makes me a bit more sensitive to issues of bloat! with CA57AD7C robo-signatures
in SKS key servers than most.
73 de Jeff
Gnupg-users mailing list
Gnupg-users [at] gnupg