Mailing List Archive: NXDOMAIN for hkps.pool.sks-keyservers.net

NXDOMAIN for hkps.pool.sks-keyservers.net

Jan 14, 2020, 1:39 PM

Post #1 of 4 (601 views)

GnuPG uses hkps://hkps.pool.sks-keyservers.net as the default dirmnger
key server. But this domain does not exist. From
https://sks-keyservers.net/status/ I see no server in the pool supports
hkps. I wonder if this is the reason for the non-existence of the domain.

I understand that user can always use --keyserver option to specify a
working key server. I'm just asking if we should change the default
value, if it is not working anymore.

wangqr

drill output:

$ drill hkps.pool.sks-keyservers.net @s01.sks-keyservers.net.
;; ->>HEADER<<- opcode: QUERY, rcode: NXDOMAIN, id: 3611
;; flags: qr aa rd ; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;; hkps.pool.sks-keyservers.net. IN A

;; ANSWER SECTION:

;; AUTHORITY SECTION:
sks-keyservers.net. 600 IN SOA ns2.kfwebs.net.
kf.kfwebs.net. 3200114222 600 14400 172800 600

;; ADDITIONAL SECTION:

;; Query time: 122 msec
;; SERVER: 192.146.137.185
;; WHEN: Tue Jan 14 21:23:37 2020
;; MSG SIZE rcvd: 96

Re: NXDOMAIN for hkps.pool.sks-keyservers.net [ In reply to ]

bortzmeyer at nic

Jan 15, 2020, 3:25 AM

Post #2 of 4 (601 views)

Permalink

On Tue, Jan 14, 2020 at 04:39:16PM -0500,
wangqr via Gnupg-users <gnupg-users@gnupg.org> wrote
a message of 122 lines which said:

> GnuPG uses hkps://hkps.pool.sks-keyservers.net as the default
> dirmnger key server. But this domain does not exist.

I do not share this assessment.

% dig +short hkps.pool.sks-keyservers.net A
209.244.105.201
82.148.229.254
192.146.137.98
37.191.231.105
192.146.137.99

Most RIPE Atlas probes agree with me:

% blaeu-resolve --type A --requested 100 hkps.pool.sks-keyservers.net.
[192.146.137.98 192.146.137.99 209.244.105.201 37.191.231.105 82.148.229.254] : 93 occurrences
[ERROR: NXDOMAIN] : 1 occurrences
[192.146.137.98 209.244.105.201 37.191.231.105 82.148.229.254] : 4 occurrences
[ERROR: SERVFAIL] : 2 occurrences
Test #23834618 done at 2020-01-15T11:23:19Z

You DNS resolver has probably a problem.

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: NXDOMAIN for hkps.pool.sks-keyservers.net [ In reply to ]

kristian.fiskerstrand at sumptuouscapital

Jan 15, 2020, 6:19 AM

Post #3 of 4 (599 views)

Permalink

On 14.01.2020 22:39, wangqr via Gnupg-users wrote:
> GnuPG uses hkps://hkps.pool.sks-keyservers.net as the default dirmnger
> key server. But this domain does not exist. From
> https://sks-keyservers.net/status/ I see no server in the pool supports
> hkps. I wonder if this is the reason for the non-existence of the domain.
>
> I understand that user can always use --keyserver option to specify a
> working key server. I'm just asking if we should change the default
> value, if it is not working anymore.
>

Right.. there was an outage tonight affecting the hkps pool due to
expiry of the CRL

--
----------------------------
Kristian Fiskerstrand
Blog: https://blog.sumptuouscapital.com
Twitter: @krifisk
----------------------------
Public OpenPGP keyblock at hkp://pool.sks-keyservers.net
fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3
----------------------------
Corruptissima re publica plurimæ leges
The greater the degeneration of the republic, the more of its laws

Re: NXDOMAIN for hkps.pool.sks-keyservers.net [ In reply to ]

gnupg-users at gnupg

Jan 15, 2020, 7:41 AM

Post #4 of 4 (599 views)

Permalink

On 2020-01-15 9:19, Kristian Fiskerstrand wrote:
>
> Right.. there was an outage tonight affecting the hkps pool due to
> expiry of the CRL
>

Thanks. Good to know that it is just a temporary issue and me being unlucky.

wangqr

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Mailing List Archive

Mailing List Archive

Attached Files: