|
From: | Joseph Oreste Bruni |
Subject: | Re: [Sks-devel] LDAP back-end |
Date: | Sun, 20 Jun 2010 12:48:19 -0700 |
The downside of using LDAP for a keyserver is that values are replaced rather than merged as is preferred by the nature of signatures. A key signed by you will be overwritten by the same key signed by me if I first don't take care to update my copy of the key with the keyserver version first, resulting in lost signatures, preferences and other changes.
BerkeleyDB is nice (it is very fast) but does have its quirks. Perhaps you could spend that energy redoing the backend using SQLite instead of LDAP. I don't know if anyone has provided language bindings for SQLite in Ocaml, though.
Joe Sent from my iPhoneOn Jun 20, 2010, at 11:26 AM, "C.J. Adams-Collier" <address@hidden> wrote:
Hey folks, I'm setting up a CA, and I plan to keep the certs on an LDAP server. I've been looking around for a PGP keyserver, and it looks like SKS is the most well-maintained system available.I've written a bit of code here and there, and I can probably implementan LDAP back-end if it has not yet been implemented. I haven't read through the codebase yet, so I will go do that here when I have some free time. If such a feature is already implemented (or being implemented), could someone bring me up to date? Thanks in advance, C.J. _______________________________________________ Sks-devel mailing list address@hidden http://lists.nongnu.org/mailman/listinfo/sks-devel
[Prev in Thread] | Current Thread | [Next in Thread] |