openkylin
/
gnupg2
mirror of https://gitee.com/openkylin/gnupg2.git
9
0
Fork 0
Code Issues Projects Releases Wiki Activity
gnupg2/doc
History
Daniel Kahn Gillmor 7b2e8ffb0b Use hkps://keys.openpgp.org as the default keyserver 
As of 2.2.17, GnuPG will refuse to accept any third-party
certifications from OpenPGP certificates pulled from the keyserver
network.

The SKS keyserver network currently has at least a dozen popular
certificates which are flooded with enough unusable third-party
certifications that they cannot be retrieved in any reasonable amount
of time.

The hkps://keys.openpgp.org keyserver installation offers HKPS,
performs cryptographic validation, and by policy does not distribute
third-party certifications anyway.

It is not distributed or federated yet, unfortunately, but it is
functional, which is more than can be said for the dying SKS pool.
And given that GnuPG is going to reject all the third-party
certifications anyway, there is no clear "web of trust" rationale for
relying on the SKS pool.

One sticking point is that keys.openpgp.org does not distribute user
IDs unless the user has proven control of the associated e-mail
address.  This means that on standard upstream GnuPG, retrieving
revocations or subkey updates of those certificates will fail, because
upstream GnuPG ignores any incoming certificate without a user ID,
even if it knows a user ID in the local copy of the certificate (see
https://dev.gnupg.org/T4393).

However, we have three patches in
debian/patches/import-merge-without-userid/ that together fix that
bug.

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>

Gbp-Pq: Name Use-hkps-keys.openpgp.org-as-the-default-keyserver.patch
 		2022-05-13 23:35:57 +08:00
..
examples Import Upstream version 2.2.19 2022-05-13 23:35:49 +08:00
ChangeLog-2011 Import Upstream version 2.2.19 2022-05-13 23:35:49 +08:00
DCO Import Upstream version 2.2.19 2022-05-13 23:35:49 +08:00
DETAILS Import Upstream version 2.2.19 2022-05-13 23:35:49 +08:00
FAQ Import Upstream version 2.2.19 2022-05-13 23:35:49 +08:00
HACKING Import Upstream version 2.2.19 2022-05-13 23:35:49 +08:00
KEYSERVER Import Upstream version 2.2.19 2022-05-13 23:35:49 +08:00
Makefile.am avoid regenerating defsincdate (use shipped file) 2022-05-13 23:35:57 +08:00
Makefile.in Import Upstream version 2.2.19 2022-05-13 23:35:49 +08:00
OpenPGP Import Upstream version 2.2.19 2022-05-13 23:35:49 +08:00
TRANSLATE Import Upstream version 2.2.19 2022-05-13 23:35:49 +08:00
com-certs.pem Import Upstream version 2.2.19 2022-05-13 23:35:49 +08:00
contrib.texi Import Upstream version 2.2.19 2022-05-13 23:35:49 +08:00
debugging.texi Import Upstream version 2.2.19 2022-05-13 23:35:49 +08:00
defsincdate Import Upstream version 2.2.19 2022-05-13 23:35:49 +08:00
dirmngr.texi Use hkps://keys.openpgp.org as the default keyserver 2022-05-13 23:35:57 +08:00
glossary.texi Import Upstream version 2.2.19 2022-05-13 23:35:49 +08:00
gnupg-card-architecture.fig Import Upstream version 2.2.19 2022-05-13 23:35:49 +08:00
gnupg-card-architecture.pdf Import Upstream version 2.2.19 2022-05-13 23:35:49 +08:00
gnupg-card-architecture.png Import Upstream version 2.2.19 2022-05-13 23:35:49 +08:00
gnupg-logo-tr.png Import Upstream version 2.2.19 2022-05-13 23:35:49 +08:00
gnupg-logo.eps Import Upstream version 2.2.19 2022-05-13 23:35:49 +08:00
gnupg-logo.pdf Import Upstream version 2.2.19 2022-05-13 23:35:49 +08:00
gnupg-logo.png Import Upstream version 2.2.19 2022-05-13 23:35:49 +08:00
gnupg-module-overview.pdf Import Upstream version 2.2.19 2022-05-13 23:35:49 +08:00
gnupg-module-overview.png Import Upstream version 2.2.19 2022-05-13 23:35:49 +08:00
gnupg-module-overview.svg Import Upstream version 2.2.19 2022-05-13 23:35:49 +08:00
gnupg.info Import Upstream version 2.2.19 2022-05-13 23:35:49 +08:00
gnupg.info-1 Import Upstream version 2.2.19 2022-05-13 23:35:49 +08:00
gnupg.info-2 Import Upstream version 2.2.19 2022-05-13 23:35:49 +08:00
gnupg.texi Import Upstream version 2.2.19 2022-05-13 23:35:49 +08:00
gnupg7.texi Import Upstream version 2.2.19 2022-05-13 23:35:49 +08:00
gpg-agent.texi Import Upstream version 2.2.19 2022-05-13 23:35:49 +08:00
gpg.texi Import Upstream version 2.2.19 2022-05-13 23:35:49 +08:00
gpgsm.texi Import Upstream version 2.2.19 2022-05-13 23:35:49 +08:00
gpgv.texi Import Upstream version 2.2.19 2022-05-13 23:35:49 +08:00
gpl.texi Import Upstream version 2.2.19 2022-05-13 23:35:49 +08:00
help.be.txt Import Upstream version 2.2.19 2022-05-13 23:35:49 +08:00
help.ca.txt Import Upstream version 2.2.19 2022-05-13 23:35:49 +08:00
help.cs.txt Import Upstream version 2.2.19 2022-05-13 23:35:49 +08:00
help.da.txt Import Upstream version 2.2.19 2022-05-13 23:35:49 +08:00
help.de.txt Import Upstream version 2.2.19 2022-05-13 23:35:49 +08:00
help.el.txt Import Upstream version 2.2.19 2022-05-13 23:35:49 +08:00
help.eo.txt Import Upstream version 2.2.19 2022-05-13 23:35:49 +08:00
help.es.txt Import Upstream version 2.2.19 2022-05-13 23:35:49 +08:00
help.et.txt Import Upstream version 2.2.19 2022-05-13 23:35:49 +08:00
help.fi.txt Import Upstream version 2.2.19 2022-05-13 23:35:49 +08:00
help.fr.txt Import Upstream version 2.2.19 2022-05-13 23:35:49 +08:00
help.gl.txt Import Upstream version 2.2.19 2022-05-13 23:35:49 +08:00
help.hu.txt Import Upstream version 2.2.19 2022-05-13 23:35:49 +08:00
help.id.txt Import Upstream version 2.2.19 2022-05-13 23:35:49 +08:00
help.it.txt Import Upstream version 2.2.19 2022-05-13 23:35:49 +08:00
help.ja.txt Import Upstream version 2.2.19 2022-05-13 23:35:49 +08:00
help.nb.txt Import Upstream version 2.2.19 2022-05-13 23:35:49 +08:00
help.pl.txt Import Upstream version 2.2.19 2022-05-13 23:35:49 +08:00
help.pt.txt Import Upstream version 2.2.19 2022-05-13 23:35:49 +08:00
help.pt_BR.txt Import Upstream version 2.2.19 2022-05-13 23:35:49 +08:00
help.ro.txt Import Upstream version 2.2.19 2022-05-13 23:35:49 +08:00
help.ru.txt Import Upstream version 2.2.19 2022-05-13 23:35:49 +08:00
help.sk.txt Import Upstream version 2.2.19 2022-05-13 23:35:49 +08:00
help.sv.txt Import Upstream version 2.2.19 2022-05-13 23:35:49 +08:00
help.tr.txt Import Upstream version 2.2.19 2022-05-13 23:35:49 +08:00
help.txt Import Upstream version 2.2.19 2022-05-13 23:35:49 +08:00
help.zh_CN.txt Import Upstream version 2.2.19 2022-05-13 23:35:49 +08:00
help.zh_TW.txt Import Upstream version 2.2.19 2022-05-13 23:35:49 +08:00
howto-create-a-server-cert.texi Import Upstream version 2.2.19 2022-05-13 23:35:49 +08:00
howtos.texi Import Upstream version 2.2.19 2022-05-13 23:35:49 +08:00
instguide.texi Import Upstream version 2.2.19 2022-05-13 23:35:49 +08:00
mkdefsinc.c Import Upstream version 2.2.19 2022-05-13 23:35:49 +08:00
mksamplekeys Import Upstream version 2.2.19 2022-05-13 23:35:49 +08:00
opt-homedir.texi Import Upstream version 2.2.19 2022-05-13 23:35:49 +08:00
qualified.txt Import Upstream version 2.2.19 2022-05-13 23:35:49 +08:00
samplekeys.asc Import Upstream version 2.2.19 2022-05-13 23:35:49 +08:00
scdaemon.texi Import Upstream version 2.2.19 2022-05-13 23:35:49 +08:00
see-also-note.texi Import Upstream version 2.2.19 2022-05-13 23:35:49 +08:00
specify-user-id.texi Import Upstream version 2.2.19 2022-05-13 23:35:49 +08:00
sysnotes.texi Import Upstream version 2.2.19 2022-05-13 23:35:49 +08:00
tools.texi Import Upstream version 2.2.19 2022-05-13 23:35:49 +08:00
trust-values.texi Import Upstream version 2.2.19 2022-05-13 23:35:49 +08:00
whats-new-in-2.1.txt Import Upstream version 2.2.19 2022-05-13 23:35:49 +08:00
wks.texi gpg: default to 3072-bit RSA keys. 2022-05-13 23:35:57 +08:00
yat2m.c Import Upstream version 2.2.19 2022-05-13 23:35:49 +08:00