Home GnuPG
Diffusion GnuPG 55b5928099ba

dirmngr: Change the default keyserver.

Description

dirmngr: Change the default keyserver.

* configure.ac (DIRMNGR_DEFAULT_KEYSERVER): Change to
keyserver.ubuntu.com.
* dirmngr/certcache.c (cert_cache_init): Disable default pool cert.
* dirmngr/http-ntbtls.c (gnupg_http_tls_verify_cb): Ditto.
* dirmngr/http.c (http_session_new): Ditto.
* dirmngr/server.c (make_keyserver_item): Use a different mapping for
the gnupg.net names.

Due to the unfortunate shutdown of the keyserver pool, the long term
defaults won't work anymore. Thus it is better to change them.

For https access keyserver.ubuntu.com is now used because it can be
expected that this server can stand the load from newer gnupg LTS
versions.

For http based access the Dutch Surfnet keyserver is used. However
due to a non-standard TLS certificate this server can not easily be
made the default for https.

Note: that the default server will be changed again as soon as a new
connected keyserver infrastructure has been established.

(cherry picked from commit 47c4e3e00a7ef55f954c14b3c237496e54a853c1)

Details

Provenance
wernerAuthored on Jun 25 2021, 7:15 PM
Parents
rG8b1fb9786167: po: In German always use "Passwort" instead of "Passphrase".
Branches
Unknown
Tags
Unknown