New GPGTools release & reliance on SRV records

Previous Topic Next Topic
classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view

New GPGTools release & reliance on SRV records

Todd Fleisher
Hi Kristian & other SKS operators,
The team @ GPGTools.Org released their latest version (2019.1) last week on August 22nd. New installations of this release use as the default key server & upgrades to this release prompt users to switch. This was known in advanced & therefore expected. However, I am noticing another issue that seems to have taken hold sometime between release 2018.5 2506n and the current version that may require some action on our part to provide continuity for users who are upgrading but opting to continue using the SKS key servers.

What I am seeing happen is when attempting to use (or switch back to) an SKS key server, the GPGTools clients will claim the server is invalid. Under the hood, I can see queries for DNS SRV records being made and returning NXDOMAIN. So one of 2 things is required to restore service:

1) DNS SRV records must be published for the hostname in order for GPGTools to determine what port number to use:
HKP: has SRV record 0 5 11371 has SRV record 0 5 11371

HKPS: has SRV record 0 5 443 has SRV record 0 5 443

2) The port number must be specified in the entry. In the past, <a href="hkps://" class="">hkps:// worked fine. However, now that same entry appears to be invalid unless I edit it to read: <a href="hkps://" class="">hkps://

I’d advise everyone still in the pool to add the appropriate SRV records & especially Kristian as the DNS operator for to do the same for all of the main pool entries.


Sks-devel mailing list
[hidden email]

signature.asc (849 bytes) Download Attachment