[ note: bug report submission is failing with "not allowed (too many links)", so
i've replaced http:// with http:__ as an attempted workaround here. rest
assured that i actually used the right form when testing. ]
Over in debian bug 818802, Mark reports that dirmngr does not do
well when using hkps and an http-proxy configuration.
I can confirm that this still seems to be the case in 2.1.18.
I have a functional http proxy running locally at http:__proxy.example:3128
I can use the proxy successfully to talk to the sks pool with wget, doing:
https_proxy=http:__proxy.example:3128/ wget --ca-certificate
But when dirmngr.conf has:
Then dirmngr seems to open the connection and just send TLS requests directly to
the proxy, rather than sending an HTTP CONNECT message. I've looked at packet
captures and it is indeed just doing a TLS ClientHello directly to the proxy.