Gnupg2 changes from upstream

I thought I’d pass along a note from the GNU Privacy Guard (gnupg2) maintainer;

Upstream GnuPG now defaults to not accepting third-party certifications
from the keyserver network. Given that the SKS keyserver network is
under attack via certificate flooding, and third-party certifications
will not be accepted anyway, we now ship with the more tightly-constrained
and abuse-resistant system hkps:// as the default

Users with bandwidth to spare who want to try their luck with the SKS
pool should add the following line to ~/.gnupg/dirmngr.conf to revert to
upstream’s default keyserver:

  keyserver hkps://

See the 2.2.17 section in the upstream NEWS file at
/usr/share/doc/gnupg/NEWS.gz for more information about fully
reverting to the old, risky behavior.

– Daniel Kahn Gillmor Thu, 11 Jul 2019 22:12:07 -0400