Re: [Sks-devel] Re: New search options question

[Phil Pennock]

On 2010-12-29 at 22:44 +0100, Christoph Anton Mitterer wrote:
> On Tue, 2010-12-28 at 20:56 +0000, Kim Minh Kaplan wrote:
> > https://datatracker.ietf.org/doc/draft-shaw-openpgp-hkp/
> SKS does not "conform" to it in several places,... I've opened issues
> for the respective cases at google code some time ago.

[ Before continuing, I'll emphasize here that this is merely personal
  opinion and my connection to SKS is that I use it, have offered
  patches and wrote a little documentation, I'm not a maintainer and
  speak in no official capacity. ]

It's a draft and somewhat dated.  The author's own software no longer
conforms to it in some areas (eg, the SRV service name to use; GnuPG now
uses two of the DNS-SD variants instead).

Most of the issues are of the x-<name> vs <name> variety, which in my
opinion is nit-picking of the highest order when the reference is a -00
version personal submission expired draft.  It's *normal* for people to
ignore such x-restrictions on naming at such an early stage, while
people get experience with the protocol and refine the draft.

options=mr being ignored with op=get is certainly a valid complaint.

It only makes sense for options=nm to raise an error if the server does
perform any modifications.  I don't believe that SKS does, so it's by
definition always complying with such a request.  Thus an error would be
incorrect.

MIME-types -- the built-in web-server is supposed to be a very minimal
implementation.  I strongly suggest that if you want anything
non-trivial served, you do so with a proper threaded/forking server, to
be able to sustain load?  Options are for SKS on port 11371 and a
default document that just does a redirect to port 80 serving, or for
SKS behind a proxying server on port 80 with the proxy providing SSL,
etc, and *only* passing on ^/pks/.* to SKS.

-Phil