Geez! Connection refused - PGP

This is a discussion on Geez! Connection refused - PGP ; gpg --keyserver keyserver.pgp.com --recv-key 0xB216???? gpg: requesting key B216???? from keyserver.pgp.com ... gpg: can't get key from keyserver: Connection refused How come? I successfully retrieved another key just prior from pgpkeys.mit.edu (The question marks weren't included, I'm just paranoid) How ...

+ Reply to Thread
Results 1 to 8 of 8

Thread: Geez! Connection refused

  1. Geez! Connection refused

    gpg --keyserver keyserver.pgp.com --recv-key 0xB216????

    gpg: requesting key B216???? from keyserver.pgp.com ...

    gpg: can't get key from keyserver: Connection refused

    How come? I successfully retrieved another key just prior
    from pgpkeys.mit.edu

    (The question marks weren't included, I'm just paranoid)

    How often do key servers update each other?

  2. Re: Geez! Connection refused

    W. D. wrote:
    > gpg --keyserver keyserver.pgp.com --recv-key 0xB216????
    >
    > gpg: requesting key B216???? from keyserver.pgp.com ...
    >
    > gpg: can't get key from keyserver: Connection refused
    >
    > How come? I successfully retrieved another key just prior
    > from pgpkeys.mit.edu


    keyserver.pgp.com isn't a HKP keyserver.

    gpg --keyserver ldap://keyserver.pgp.com --recv-key 0xB216????

    David

  3. Re: Geez! Connection refused

    "W. D." wrote:
    >
    > gpg --keyserver keyserver.pgp.com --recv-key 0xB216????
    >
    > gpg: requesting key B216???? from keyserver.pgp.com ...
    >
    > gpg: can't get key from keyserver: Connection refused
    >
    > How come? I successfully retrieved another key just prior
    > from pgpkeys.mit.edu
    >
    > (The question marks weren't included, I'm just paranoid)
    >
    > How often do key servers update each other?


    My testing indicates that does not
    synchronize.

    --

    David E. Ross


    I use Mozilla as my Web browser because I want a browser that
    complies with Web standards. See .

  4. Re: Geez! Connection refused

    David Ross wrote:
    >
    > "W. D." wrote:
    > >
    > > gpg --keyserver keyserver.pgp.com --recv-key 0xB216????
    > >
    > > gpg: requesting key B216???? from keyserver.pgp.com ...
    > >
    > > gpg: can't get key from keyserver: Connection refused
    > >
    > > How come? I successfully retrieved another key just prior
    > > from pgpkeys.mit.edu
    > >
    > > (The question marks weren't included, I'm just paranoid)
    > >
    > > How often do key servers update each other?

    >
    > My testing indicates that does not
    > synchronize.
    >
    > --
    >
    > David E. Ross
    >


    Thanks, David.

    How can I test these keyservers myself? It would be
    great to find out which synchronize and which don't.

  5. Re: Geez! Connection refused

    David Shaw wrote:
    >
    > W. D. wrote:
    > > gpg --keyserver keyserver.pgp.com --recv-key 0xB216????
    > >
    > > gpg: requesting key B216???? from keyserver.pgp.com ...
    > >
    > > gpg: can't get key from keyserver: Connection refused
    > >
    > > How come? I successfully retrieved another key just prior
    > > from pgpkeys.mit.edu

    >
    > keyserver.pgp.com isn't a HKP keyserver.
    >
    > gpg --keyserver ldap://keyserver.pgp.com --recv-key 0xB216????
    >
    > David


    Thanks, David.

    I did a little reading. "HKP" apparently stands for "HTTP
    Protocol Keyserver". Didn't find what ldap stands for.

    gpg --keyserver ldap://keyserver.pgp.com --recv-key 0xB216????
    gpg: requesting key B216???? from ldap://keyserver.pgp.com ...
    gpg: can't get key from keyserver: Undefined error: 0

    Not very informative error message.

    If I've downloaded their key to my Windows PC, is there some
    way I can upload it to pgpkeys.mit.edu, or other keyservers?

    Or how can I check to see if it has already been "synchronized"
    to other servers?

  6. Testing Key Servers [was: Connection refused]

    "W. D." wrote:
    >
    > I previously wrote:
    > >
    > > My testing indicates that does not
    > > synchronize.

    >
    > How can I test these keyservers myself? It would be
    > great to find out which synchronize and which don't.


    See my .

    As a professional software test engineer, I performed the
    following formal test of server synchronization.

    1. I generated new keys with bogus user IDs (e.g.,
    nooneA@noplace.com, nooneB@noplace.com, nooneC@noplace.com).

    2. I selected four public key servers: one in Keyserver.Net, one
    in PGPnet, and two not in either. (I really don't remember which
    ones I selected, but I do remember there were four from which to
    choose -- not two -- in my Keyserver.Net at the time.)

    3. I uploaded a different test key to each of those servers. I
    used a different key for each server so that I could tell from
    which server others were synchronizing.

    4. I queried other key servers to see how long it took for the
    test keys to propagate. I did this for one server each in
    Keyserver.Net and PGPnet and for one other server not in either.

    5. After two weeks, I stopped querying for the keys, assuming the
    queried server did not synchronize (since synchronization is
    supposed to happen even across different server networks).

    6. I updated the test keys, adding a distinct user ID to each.

    7. I uploaded the modified keys to the servers I queried in step
    #4.

    8. I then queried the servers I selected in step #2 (used in step
    #3) for the modified keys. This way I determined if any of those
    failed to synchronize.

    In the case of , however, I didn't need the
    above test. Each server listed on my cited Web page was tested
    for functionality as described above the chart under "Tested"
    (about half-way down the page). When I tested
    , I noticed that it had my latest keys, but it
    had not synchronized to the latest updates to those keys (which
    added another user ID).

    I just now checked again. It still does has
    not synchronized to keys I modified and uploaded elsewhere a year
    ago. For my current RSA key, it has both user IDs; but my latest
    user ID is unsigned. For my current DSS/DH key, it still lacks my
    latest user ID.

    The four key servers listed in bold on my Web page synchronize to
    other servers quite promptly. Other servers also synchronize to
    them promptly, too. Other servers might be equally good.
    However, having identified four (including an LDAP server), I
    decided I had sufficient servers set into my PGP options to meet
    my needs.

    --

    David E. Ross


    I use Mozilla as my Web browser because I want a browser that
    complies with Web standards. See .

  7. Re: Testing Key Servers [was: Connection refused]

    Thanks, David! This was extremely helpful.

    David Ross wrote:
    >
    > "W. D." wrote:
    > >
    > > I previously wrote:
    > > >
    > > > My testing indicates that does not
    > > > synchronize.

    > >
    > > How can I test these keyservers myself? It would be
    > > great to find out which synchronize and which don't.

    >
    > See my .
    >
    > As a professional software test engineer, I performed the
    > following formal test of server synchronization.
    >
    > 1. I generated new keys with bogus user IDs (e.g.,
    > nooneA@noplace.com, nooneB@noplace.com, nooneC@noplace.com).
    >
    > 2. I selected four public key servers: one in Keyserver.Net, one
    > in PGPnet, and two not in either. (I really don't remember which
    > ones I selected, but I do remember there were four from which to
    > choose -- not two -- in my Keyserver.Net at the time.)
    >
    > 3. I uploaded a different test key to each of those servers. I
    > used a different key for each server so that I could tell from
    > which server others were synchronizing.
    >
    > 4. I queried other key servers to see how long it took for the
    > test keys to propagate. I did this for one server each in
    > Keyserver.Net and PGPnet and for one other server not in either.
    >
    > 5. After two weeks, I stopped querying for the keys, assuming the
    > queried server did not synchronize (since synchronization is
    > supposed to happen even across different server networks).
    >
    > 6. I updated the test keys, adding a distinct user ID to each.
    >
    > 7. I uploaded the modified keys to the servers I queried in step
    > #4.
    >
    > 8. I then queried the servers I selected in step #2 (used in step
    > #3) for the modified keys. This way I determined if any of those
    > failed to synchronize.
    >
    > In the case of , however, I didn't need the
    > above test. Each server listed on my cited Web page was tested
    > for functionality as described above the chart under "Tested"
    > (about half-way down the page). When I tested
    > , I noticed that it had my latest keys, but it
    > had not synchronized to the latest updates to those keys (which
    > added another user ID).
    >
    > I just now checked again. It still does has
    > not synchronized to keys I modified and uploaded elsewhere a year
    > ago. For my current RSA key, it has both user IDs; but my latest
    > user ID is unsigned. For my current DSS/DH key, it still lacks my
    > latest user ID.
    >
    > The four key servers listed in bold on my Web page synchronize to
    > other servers quite promptly. Other servers also synchronize to
    > them promptly, too. Other servers might be equally good.
    > However, having identified four (including an LDAP server), I
    > decided I had sufficient servers set into my PGP options to meet
    > my needs.
    >
    > --
    >
    > David E. Ross
    >
    >
    > I use Mozilla as my Web browser because I want a browser that
    > complies with Web standards. See .


    --
    Start Here to Find It Fast!(TM) ->
    http://www.US-Webmasters.com/best-start-page/

  8. Re: Geez! Connection refused

    On Sat, 31 Jan 2004 00:06:49 -0600, "W. D."
    wrote:

    >
    >I did a little reading. "HKP" apparently stands for "HTTP
    >Protocol Keyserver". Didn't find what ldap stands for.
    >



    Lightweight Directory Access Protocol

    http://www.google.com/search?sourcei...e=UTF-8&q=LDAP

    very first link on google



+ Reply to Thread