On Donnerstag, 9. Juni 2022 17:38:04 CEST Mark via Gnupg-users wrote: > I just looked at what Kleopatra has it set for and it has it set for > hkp://keys.gnupg.net as well. I'm guessing that is no longer the best > choice?
Kleopatra 3.1.21.220401 uses whatever `gpgconf --list-options dirmngr` returns as value for `keyserver`. So it depends on the version of GnuPG you are using. The default returned by gpgconf 2.3.6 is hkps://keyserver.ubuntu.com. As Andrew wrote, hkp://keys.gnupg.net is mapped internally by dirmngr to the default keyserver. For a short while, hkp://keys.gnupg.net was mapped to hkp://pgp.surf.nl while hkps://keys.gnupg.net was mapped to hkps://keyserver.ubuntu.com. Since 2.3.5 all URLs with domain name keys.gnupg.net are mapped to hkps://keyserver.ubuntu.com. The latest 2.2 version still uses hkp://pgp.surf.nl for non-TLS keys.gnupg.net URLs. Conclusion: For GnuPG 2.3.5 and later hkp://keys.gnupg.net is as good as not setting a keyserver or as setting it to hkps://keyserver.ubuntu.com. If you are using a recent GnuPG 2.2, then hkp://keys.gnupg.net is not a good choice. It's much better not to set a keyserver at all and go with the default. Even for GnuPG 2.3.5 not setting keyserver is the way to go unless you really want to use a specific keyserver. Regards, Ingo
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org https://lists.gnupg.org/mailman/listinfo/gnupg-users
