Re: [Sks-devel] SkierPGP

sks-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Sks-devel] SkierPGP

From:	Phil Pennock
Subject:	Re: [Sks-devel] SkierPGP
Date:	Sun, 23 Aug 2015 22:21:05 +0000

On 2015-08-24 at 08:50 +1200, Mike Forbes wrote:
> Has anyone had any experience with https://github.com/SkierPGP/Skier ?

Experience, no, but I just took a look and these are my initial
impressions.

It doesn't speak SKS so can't interop with SKS or Hockeypuck.

It uses HTTP for key distribution, asking peers for a list of all new
keys since a given timestamp and then fetching those.  This makes some
interesting assumptions about the suitability of a timestamp as an
indexing mechanism for consistency in a distributed system not under
centralized control.  It also immediately POSTs a newly uploaded key to
all peers, resulting in fan-out and an interesting DoS vector.

Looks like a reasonable choice to explore for a company/site's internal
PGP keyserver, only holding local keys, if not going to use LDAP.  I'd
be rather hesitant to rely upon this for global synchronization at this
time.

Thanks, added to the list at:
  http://people.spodhuis.org/phil.pennock/pgp-keyservers

-Phil

[Prev in Thread]

Current Thread

[Next in Thread]

[Sks-devel] SkierPGP, Mike Forbes, 2015/08/23
- Re: [Sks-devel] SkierPGP, Phil Pennock <=

Prev by Date: [Sks-devel] SkierPGP
Next by Date: [Sks-devel] Renewing (searching) peers on keyserver.searchy.nl
Previous by thread: [Sks-devel] SkierPGP
Next by thread: [Sks-devel] Renewing (searching) peers on keyserver.searchy.nl
Index(es):
- Date
- Thread