On 2013-02-26 07:51, Daniel Kahn Gillmor wrote: > On 02/25/2013 02:54 PM, Peter Loshin wrote: >> 1. "Don't use pgp.mit.edu". Which keyserver *should* be used? I assume >> that a pool is better than a particular server; is there one >> particular pool that is preferred? What about >> http://pool.sks-keyservers.net/? > > You should use hkp:// instead of http://. Using http:// implies a > simple web request (e.g. , while hkp:// implies the structured key > lookups keyservers are known to use. > > and you may want to use ha.pool.sks-keyservers.net (this is a > high-availability pool -- only keyservers that operate behind HTTP > reverse proxies are included. this mode of operation is considered a > best-practice for sks keyserver operators).
I find *.sks-keyservers.net unusable (unfortunately). More often than not, I get this: gpgkeys: HTTP fetch error 7: couldn't connect: End of file tcpdump shows me that the server just closes the connection without an answer. It does work from time to time, so when doing a manual --recv-key, I usually get the key within a few tries. But when using e.g. caff (which does not retry), it's unusable. So I'm still looking for a good, working keyserver... And while pgp.mit.edu might not be the best keyserver, it works... (from my experience at least).
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
