msva fallbacks to cleartext hkp connection
As reported on #3457 (closed), msva fallbacks to an unencrypted connection to its default keyserver (hkp://pool.sks-keyservers.net), when it somehow does not like the configured keyserver, or cannot find one. Considering the configured keyserver may be using an end-to-end encrypted connection by itself (e.g. Tor hidden service, VPN, ipsec, whatever), this behavior can trigger information leaks on the network without the user being informed (... unless s/she looks at her logs, but why should she, since msva does work?)
(from redmine: created on 2011-09-14)
Edited by John Scott