--recv-keys without a --keyserver arg simply failed for me on a fresh Arch Linux installation, so I think it's a good idea to suggest a keyserver. OpenPGP ecosystem is broken in a number of ways, so the right way to approach this issue has some potential for bikeshedding. But the only thing that this PR does is to keep SECURITY.md in line with the instructions for builder keys, where there was agreement on switching to keys.openpgp.org (#22688).
doc: Suggest `keys.openpgp.org` as keyserver in SECURITY.md #23466
pull real-or-random wants to merge 1 commits into bitcoin:master from real-or-random:202111-keyserver changing 1 files +1 −1-
real-or-random commented at 11:29 AM on November 8, 2021: member
-
90f1f849e9
doc: Suggest `keys.openpgp.org` as keyserver in SECURITY.md
This is in line with 4c43b7d41d11072f382f938379d21cd2e0bcbb47 from PR #22688.
-
real-or-random commented at 11:29 AM on November 8, 2021: member
A related issue is that I couldn't find an unexpired version of @sipa's key, neither on
keys.openpgp.org(which does not sync with other servers) nor somewhere else. -
MarcoFalke commented at 11:38 AM on November 8, 2021: member
review ACK 90f1f849e9f5a0c1855b72824af38b9aa24d5287
-
MarcoFalke commented at 11:39 AM on November 8, 2021: member
Wouldn't it make sense to update https://bitcoincore.org/en/contact/ as well, assuming that
keyserver.ubuntu.comis non-functioning? - DrahtBot added the label Docs on Nov 8, 2021
-
real-or-random commented at 11:45 AM on November 8, 2021: member
Wouldn't it make sense to update bitcoincore.org/en/contact as well, assuming that
keyserver.ubuntu.comis non-functioning?keyserver.ubuntu.comis functioning but I think we should just keep the keyserver consistent everywhere. -
MarcoFalke commented at 11:58 AM on November 8, 2021: member
I think they don't accept any key updates, do they?
-
laanwj commented at 12:03 PM on November 8, 2021: member
Review ACK 90f1f849e9f5a0c1855b72824af38b9aa24d5287
keyserver.ubuntu.com is functioning but I think we should just keep the keyserver consistent everywhere.
I agree. Ideally we would not have to suggest any keyserver. It's frustrating enough to have to play keyserver ping-pong every time when yet another part of PGP infrastructure goes down, but it seems
keys.openpgp.orgworks for now so let's use it consistently.BTW instead of adding it in the command line every time you could also add
keyserver hkps://keys.openpgp.orgin
~/.gnupg/gpg.conf - hebasto approved
-
hebasto commented at 1:29 PM on November 8, 2021: member
ACK 90f1f849e9f5a0c1855b72824af38b9aa24d5287, agree with arguments above.
- hebasto deleted a comment on Nov 8, 2021
-
Zero-1729 commented at 3:10 PM on November 8, 2021: contributor
ACK 90f1f849e9f5a0c1855b72824af38b9aa24d5287
Makes sense to keep the keyservers consistent.
- real-or-random referenced this in commit 85180b83b7 on Nov 8, 2021
- real-or-random referenced this in commit 3b157c48ed on Nov 8, 2021
- fanquake referenced this in commit c702d1fefd on Nov 8, 2021
-
fanquake commented at 10:48 PM on November 8, 2021: member
This has been merged.
- fanquake closed this on Nov 8, 2021
- real-or-random referenced this in commit c74a7b7e51 on Nov 9, 2021
- real-or-random referenced this in commit d1492b6fb2 on Nov 9, 2021
- sidhujag referenced this in commit cf315e0d3d on Nov 9, 2021
- harding referenced this in commit e0906892db on Nov 9, 2021
- PastaPastaPasta referenced this in commit 8bcfec2167 on Apr 3, 2022
- DrahtBot locked this on Nov 8, 2022
