On Wed, 2019-10-02 at 19:20 +0200, Mathieu Malaterre wrote: > Very very odd. Seems to be a server side issue. ... > gpg: key 421EE936326AC15B: new key but contains no user ID - skipped ... > Donno what is wrong with https://keys.openpgp.org:443 It doesn't distribute UIDs without permission of the key owner and without verification that the key owner also owns the UIDs. https://keys.openpgp.org/about It is replacing the SKS keyservers, which are vulnerable to certificate flooding attacks and are unmaintained and deprecated. This basically means that the OpenPGP Web of Trust is currently dead, but there are plans to add some keyserver features that would re-enable it. https://dkg.fifthhorseman.net/blog/openpgp-certificate-flooding.html https://dkg.fifthhorseman.net/blog/community-impact-openpgp-cert-flooding.html https://gist.github.com/rjhansen/67ab921ffb4084c865b3618d6955275f https://lwn.net/Articles/792366/ https://lwn.net/Articles/792494/ https://tools.ietf.org/html/draft-dkg-openpgp-abuse-resistant-keystore-03#section-10 -- bye, pabs https://wiki.debian.org/PaulWise
Attachment:
signature.asc
Description: This is a digitally signed message part