[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Sks-devel] reverse proxies and the pool
|
From: |
Gabor Kiss |
|
Subject: |
Re: [Sks-devel] reverse proxies and the pool |
|
Date: |
Mon, 28 Oct 2013 20:25:59 +0100 (CET) |
|
User-agent: |
Alpine 2.02 (DEB 1266 2009-07-14) |
> With a great number of the SKS servers already in the pool now
> supporting a reverse proxy[a] does it make sense to make this a
> hard-requirement for inclusion in the pool in order to increase
> availability?
1 vote against it. (Sorry if I seem to be ungrateful. :)
> Ideally, if network traffic should increase, it could be interesting
> to setup a new subpool (to replace the current HA - High Availability
> pool) that only include load-balanced setups with multiple SKS servers
> behind a single reverse proxy.
>
> What are your thoughts about such a move?
I already explicated that the main vulnerability of key servers is
not a temporary network overload at socket level. Guys at No Such Agency
once decide to flood the servers with one hundred million fake keys
with ardent help of several governments of Near, Middle and Far East.
Gabor
Re: [Sks-devel] reverse proxies and the pool, Andy Ruddock, 2013/10/30