On 170315-16:46+0100, Werner Koch wrote: > On Wed, 15 Mar 2017 10:14, miro.ro...@croatiafidelis.hr said: > > > keyserver hkps.pool.sks-keyservers.net:443 > > I guess we should better default to hkps:// if a scheme is not given. which is, IIUC, HTTPS key protocol, like hkp:// is HTTP key protocol.
> I have not checked whether this is already the case. No, it's not implemented, or if it is, it's not by default in my Gentoo. But if it's local configuration, I'm not an expert to know what to configure to get it implemented. > > I record SSL-keys all the time, and I believe every communication > > in/with my machine must be permitted by me, and open to my inspection, > > I didn't understand the need for recording session keys - in general we > try hard not to leave any trace of session keys. How do you solve issues that arise then? How do you guard your system if you don't have an option to inspect what it happening in your system? There's no defence generally without knowing what happens on your turf, not really, ever! > BTW, we should not use the term SSL anymore. BTW, my original title to that Youtube-dl issue contained SSL-key, not TLS-key recording, the maintainer there changed that title... It's very hard for me to contradict someone of your format, Werner, but other smart people say the name change has been purely political, without any technical merit to it... So allow me to point to you others that contradict to you, and IMO rebellion against senseless practices is a good thing(TM): https://wiki.wireshark.org/SSL and if you try: https://wiki.wireshark.org/TLS you get "This page does not exist yet." > > Shalom-Salam, Peace! > Werner > > -- > Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. Deutch schreiben, lesen und schprechen I möchte lernen... Aber kein zeit für jetzt... ( I like German, and German-speaking nations, culture and way of life a lot. ) Sincere respect and regards to you and your team! -- Miroslav Rovis Zagreb, Croatia https://www.CroatiaFidelis.hr
signature.asc
Description: Digital signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
