From 4c43b7d41d11072f382f938379d21cd2e0bcbb47 Mon Sep 17 00:00:00 2001 From: fanquake Date: Thu, 12 Aug 2021 16:40:34 +0800 Subject: contrib: use hkps://keys.openpgp.org to retrieve builder keys hkps://hkps.pool.sks-keyservers.net is essentially no-longer functional, and a number of distributions and GPG tools have since switched to using this key server as their default. See this Debian patch for additional context: https://salsa.debian.org/debian/gnupg2/-/blob/debian/main/debian/patches/Use-hkps-keys.openpgp.org-as-the-default-keyserver.patch Switch to using keys.openpgp.org in the CI as well. --- contrib/builder-keys/README.md | 2 +- contrib/verify-commits/README.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) (limited to 'contrib') diff --git a/contrib/builder-keys/README.md b/contrib/builder-keys/README.md index a7c1d5ae0a..56bd87d0af 100644 --- a/contrib/builder-keys/README.md +++ b/contrib/builder-keys/README.md @@ -20,7 +20,7 @@ To fetch keys of builders and active developers, feed the list of fingerprints of the primary keys into gpg: ```sh -while read fingerprint keyholder_name; do gpg --keyserver hkp://subset.pool.sks-keyservers.net --recv-keys ${fingerprint}; done < ./keys.txt +while read fingerprint keyholder_name; do gpg --keyserver hkps://keys.openpgp.org --recv-keys ${fingerprint}; done < ./keys.txt ``` Add your key to the list if you provided Guix attestations for two major or diff --git a/contrib/verify-commits/README.md b/contrib/verify-commits/README.md index e95a57586f..b8b15280ba 100644 --- a/contrib/verify-commits/README.md +++ b/contrib/verify-commits/README.md @@ -40,7 +40,7 @@ Import trusted keys In order to check the commit signatures, you must add the trusted PGP keys to your machine. [GnuPG](https://gnupg.org/) may be used to import the trusted keys by running the following command: ```sh -gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys $(