Page MenuHome GnuPG

TLS problems with ntbtls with some ECC curves (discovered with hkps://pgp.mailbox.org on Windows)
Closed, ResolvedPublic

Description

https://wald.intevation.org/forum/forum.php?thread_id=1668&forum_id=21&group_id=11
a user reports problems to access hkps://pgp.mailbox.org on windows 10.

The debugging shows:
DBG: ntbtls(2): got an alert message, type: [2:40]

Expected behaviour: The keyserver connection is made to search for the pubkey.

This looks either like a software defect or a documentation deficit how to analyse
the problem to get a connection.

Observation: gpg 2.1.11 with gnutls on Debian contacts the keyserver just fine.

Has been tested with Gpg4win 3.0(rc) 3.0.0 beta 299.

Event Timeline

werner triaged this task as Unbreak Now! priority.Sep 18 2017, 4:41 PM

You can't access that server even from Windows7 due to an uncommon ECC curve. I need to investigate but it is likely that ntbtls does not yet support it.

I added the missing curves to ntbtls and will soon do a new release. To please some folks here I also added the Brainpool curves ;-)

bernhard renamed this task from Diagnosing a TLS problem with ntbtls on Windows 10 to TLS problems with ntbtls with some ECC curves.Sep 19 2017, 8:38 AM
bernhard renamed this task from TLS problems with ntbtls with some ECC curves to TLS problems with ntbtls with some ECC curves (discovered with hkps://pgp.mailbox.org on Windows).

ntbtls 0.1.2 has been released as well gnupg 2.2.1 with other fixes and the Windows installer using that new ntbtls.