[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
sharing keydumps and Re: [Sks-devel] pgp.uni-mainz.de is now sks and sea
sharing keydumps and Re: [Sks-devel] pgp.uni-mainz.de is now sks and searching for sync partners
Thu, 6 Jan 2005 13:47:47 -0500
On Wed, Jan 05, 2005 at 06:12:19PM +0100, Christoph Martin wrote:
> I just installed the Debian sks package from
> https://svn.clearairturbulence.org/debian-sks/trunk/sks on
> pgp.uni-mainz.de and migrated the data from my pksd.
Looking at my SKS db.log yesterday, it looks like you passed about
600 updated keys from your pks keydump to two of your gossip peers.
Your stats page says you gained 7188 new keys on 2005-01-06. This
update probably took a few hours, but it is important to not throw
away old keydumps when changing keyserver software. Some of those
600 updates were revocations that the keyholders probably wouldn't
think to upload to a public keyserver ever again. The rest of the
data probably would have hit more keyservers if it had been sent a
second time, so I assume it wasn't. The 7188 new keys are clearly
the result of unsent/bounced/unprocessed sync. emails, which shows
why it is important to back up email syncs by periodically merging
Of course, this happens automatically among SKS servers, but must
still be done manually among CKS, LDAP, onak, OpenPKSD, and pks
servers. I recommend periodically feeding keydumps from all such
servers into the SKS network to minimize the amount of data lost
due to email problems, hardware failures, etc. at any individual
keyserver. Merging SKS keydumps into non-SKS servers may be
problematic until SKS implements tighter packet filtering, but
that shouldn't stop us from sharing keydumps as widely as possible.
(As always, my pks keydumps are available by request.)
Jason Harris | NIC: JH329, PGP: This _is_ PGP-signed, isn't it?
address@hidden _|_ web: http://keyserver.kjsl.com/~jharris/
Got photons? (TM), (C) 2004
Description: PGP signature