sks-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Sks-devel] Dirmngr now supports hkps

From: Werner Koch
Subject: Re: [Sks-devel] Dirmngr now supports hkps
Date: Thu, 15 May 2014 12:07:37 +0200
User-agent: Gnus/5.13 (Gnus v5.13) 
Hi,

thanks for the comments.  To get things straight, let me summarize my 
understanding:

For plain HTTP:

  - No change to the current code

 or

  - Resolve the name while following CNAME records to get a list of IP
    addresses.  Then connect any server at its IP address but use the
    canonical name of the pool (the one which yields the AAAA records)
    for the Host: header.
 

For HTTPS:

  - Resolve the name while following CNAME records to get a list of IP
    addresses.  Then connect any server at its IP address but use the
    canonical name of the pool (the one which yields the AAAA records)
    for the Host: header.  Use that host: Header name also for SNI.
  

In all cases make this the default behaviour if the hkp or the hkps is
used for the keyserver URL.  If http or https is used, do the same or
use a different approach (e.g. let the DNS resolver decide)?

Use of SRV records is subject to bug 1447 and will be fixed in a second
step?


Salam-Shalom,

   Werner

-- 
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.
reply via email to
[Prev in Thread] Current Thread [Next in Thread]