|
| From: | Gabor Kiss |
| Subject: | Re: [Sks-devel] old certificates |
| Date: | Tue, 29 Apr 2014 20:07:09 +0200 (CEST) |
| User-agent: | Alpine 2.02 (DEB 1266 2009-07-14) |
> I'm not on the list and if you connect to my server
I did not. This was the command:
for server in a.keyserver.pki.scientia.net key.adeti.org key.ip6.li \
keys.alderwick.co.uk keys.fedoraproject.org keys.niif.hu keys.sflc.info \
keys2.alderwick.co.uk keys2.kfwebs.net keyserver.codinginfinity.com \
keyserver.secretresearchfacility.com keyserver.secure-u.de \
keyserver.skoopsmedia.net keyserver.ut.mephi.ru keyserver.witopia.net \
klucze.achjoj.info pgpkeys.eu sks.alpha-labs.net sks.fidocon.de \
sks.karotte.org sks.mrball.net sks.spodhuis.org sks.undergrid.net \
zimmermann.mayfirst.org
do
echo $server
openssl s_client -servername hkps.pool.sks-keyservers.net \
-connect $server:443 </dev/null 2>/dev/null |
openssl x509 -noout -text |
grep 'Not Before'
done
Only the current members of HKPS pool were tested.
> (pgp.benny-baumann.de) you will find it will talk to you using a HKPS
FYI:
s_client fails with your server. ("no peer certificate available")
> certificate - but responds your query with plaintext - which is a known
> No affected OpenSSL version in the webserver process.
Good news. :-)
Thanks
Gabor
| [Prev in Thread] | Current Thread | [Next in Thread] |