tickets #48203
closedhttps://keyserver.opensuse.org/ delivers download.opensuse.org
100%
Description
Dear all!
Currently --- 2019-02-21 14:10 CET ---
https://keyserver.opensuse.org/
delivers
download.opensuse.org ("openSUSE download server")
haven't checked by myself so far, if
ISP error (mine, maybe yours)
DNS error (mine or yours)
server error (yours)
Thank you,
Gunner Gewiß
Updated by pjessen about 5 years ago
- Private changed from Yes to No
Thorsten took down keyserver.o.o due to privacy concerns - we should probably just remove the DNS entry.
Updated by cboltz about 5 years ago
- Category set to Servers hosted in NBG
- Assignee set to TBro
That, or display a "service discontinued" page on keyserver.o.o. (IIRC we already have such a page, so adjusting haproxy should be enough.)
Thorsten, your decision ;-)
Updated by gunnersson about 5 years ago
Thank you, guys, for your reply and awareness! (comprehensible in most way)
But, just a "stupid" question --- though it's probably not the right
place here to really discuss that broadly:
Despite of all that stuff like "e-mail vs instant-messenger",
"privacy-aware vs anything-else"... I (personally) have the feeling that
PGP in general is somehow dying. When I run an
openSUSE system I can PGP check every repository or package derived from
some master one --- but how do I check the master? There is the SKS
infrastructure for PGP/GnuPG key-servers, and openSUSE (so far) listed
there, and there are cross connections (peering servers) available...
But what about redundancy and federal autarchy if more and more servers
going off?
Thank you and keep goin'
Gunner
Am 22.02.19 um 23:40 schrieb admin@opensuse.org:
[openSUSE Tracker]
Issue #48203 has been updated by cboltz.Category set to servers hosted in NBG
Assignee set to TBroThat, or display a "service discontinued" page on keyserver.o.o. (IIRC we already have such a page, so adjusting haproxy should be enough.)
Thorsten, your decision ;-)
tickets #48203: https://keyserver.opensuse.org/ delivers download.opensuse.org
https://progress.opensuse.org/issues/48203#change-192119
- Author: gunnersson
- Status: New
- Priority: Normal
- Assignee: TBro
- Category: servers hosted in NBG
* Target version:¶
Dear all!
Currently --- 2019-02-21 14:10 CET ---
https://keyserver.opensuse.org/
delivers
download.opensuse.org ("openSUSE download server")
haven't checked by myself so far, if
ISP error (mine, maybe yours)
DNS error (mine or yours)
server error (yours)
Thank you,
Gunner Gewiß
Updated by TBro about 5 years ago
- Status changed from New to Resolved
- % Done changed from 0 to 100
Thanks for the hint, we moved now keyserver to our deprecated services side, that users are informed.
Yes this is a very sad story, that the keyserver software is old and unmaintained and slowly dying and somehow there needs to be a solution for this. I saw some promising projects for newer and shinier SKS-replacements but this is WiP ... let's see what the future brings.
For the distribution, I guess we will provide on software.o.o or some side like this via HTTPS and with HSTS enabled our GPG PubKeys which than should be than secure enough, given that you download the software from us as well via https and trust in this transport security. But yes, these are things which need a talk...
Best regards,
Thorsten