diff --git a/configure.ac b/configure.ac
index c6b2adf1..569d52be 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1941,7 +1941,7 @@ AC_DEFINE_UNQUOTED(TPM2DAEMON_SOCK_NAME, "S.tpm2daemon",
 AC_DEFINE_UNQUOTED(DIRMNGR_SOCK_NAME, "S.dirmngr",
                    [The name of the dirmngr socket])
 AC_DEFINE_UNQUOTED(DIRMNGR_DEFAULT_KEYSERVER,
-                   "hkps://keyserver.ubuntu.com",
+                   "hkps://keys.openpgp.org",
       [The default keyserver for dirmngr to use, if none is explicitly given])
 
 AC_DEFINE_UNQUOTED(GPGEXT_GPG, "gpg", [The standard binary file suffix])
diff --git a/doc/dirmngr.texi b/doc/dirmngr.texi
index e280d911..c65f8538 100644
--- a/doc/dirmngr.texi
+++ b/doc/dirmngr.texi
@@ -338,7 +338,11 @@ whether Tor is locally running or not.  The check for a running Tor is
 done for each new connection.
 
 If no keyserver is explicitly configured, dirmngr will use the
-built-in default of @code{https://keyserver.ubuntu.com}.
+built-in default of @code{hkps://keys.openpgp.org}.
+
+Note that the above default is a Debian-specific choice.  Upstream
+GnuPG prefers @code{hkps://hkps.pool.sks-keyservers.net}.  See
+/usr/share/doc/gpgconf/NEWS.Debian.gz for more details.
 
 Windows users with a keyserver running on their Active Directory
 may use the short form @code{ldap:///} for @var{name} to access this directory.