[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Sks-devel] IPv6 peering; keydumps annoyingly large
From: |
David Shaw |
Subject: |
Re: [Sks-devel] IPv6 peering; keydumps annoyingly large |
Date: |
Wed, 1 Jun 2011 17:18:31 -0400 |
On Jun 1, 2011, at 2:09 PM, Scott Grayban wrote:
> Maybe I'm the rookie here but not a linux "rookie", I have been using
> linux for the past 15 years, just google my name, and I always run into
> the group that would rather take the "easiest way" and ignore a issue
> that is bound to come up.
>
> At some point the current DB is going to be to large to handle muchless
> transport it via plastic media whether its dvd, blue-ray or flash drive.
> Sure we have cheap TB drives now but that isn't going to be practicable
> in the future to transport/share/copy the DB dump. I hear that some
> people are already running into corrupt PTree db's and have to rebuild
> them every few weeks... just this alone should be a warning.
>
> PGP (keyserver.pgp.com) has been allowing keys to be deleted for years
> and they even scrub their DB of revoked and expired keys and that hasn't
> degraded the trust yet. It's just practicable to remove stuff like this.
> You wouldn't keep moldy old bread would you ?
keyserver.pgp.com is architecturally and operationally a different beast than
SKS. Each key stored in keyserver.pgp.com is explicitly given permission to be
there by the keyholder (defined in this case as "an email address from a user
ID on the key"). It does not attempt to be a complete add-only record of keys
as SKS (and PKS before it) does.
There are good points to the keyserver.pgp.com model, and there are good points
to the SKS model. I'm pleased that both exist.
David
- Re: [Sks-devel] IPv6 peering; keydumps annoyingly large, (continued)
- Re: [Sks-devel] IPv6 peering; keydumps annoyingly large, Johan van Selst, 2011/06/01
- Re: [Sks-devel] IPv6 peering; keydumps annoyingly large, Scott Grayban, 2011/06/01
- Re: [Sks-devel] IPv6 peering; keydumps annoyingly large, Xian Stannard, 2011/06/01
- Re: [Sks-devel] IPv6 peering; keydumps annoyingly large, Robert J. Hansen, 2011/06/01
- Re: [Sks-devel] IPv6 peering; keydumps annoyingly large, John Clizbe, 2011/06/01
- Re: [Sks-devel] IPv6 peering; keydumps annoyingly large, Scott Grayban, 2011/06/01
- Re: [Sks-devel] IPv6 peering; keydumps annoyingly large, Jeff Johnson, 2011/06/01
- Re: [Sks-devel] IPv6 peering; keydumps annoyingly large, John Clizbe, 2011/06/01
- Re: [Sks-devel] IPv6 peering; keydumps annoyingly large,
David Shaw <=
- Re: [Sks-devel] IPv6 peering; keydumps annoyingly large, Robert J. Hansen, 2011/06/01
- Re: [Sks-devel] IPv6 peering; keydumps annoyingly large, Xian Stannard, 2011/06/01
- Re: [Sks-devel] IPv6 peering; keydumps annoyingly large, Daniel Kahn Gillmor, 2011/06/01
- Re: [Sks-devel] IPv6 peering; keydumps annoyingly large, Scott Grayban, 2011/06/01
- Re: [Sks-devel] IPv6 peering; keydumps annoyingly large, Robert J. Hansen, 2011/06/01
- Re: [Sks-devel] IPv6 peering; keydumps annoyingly large, Matthew Palmer, 2011/06/02
- Re: [Sks-devel] IPv6 peering; keydumps annoyingly large, David Shaw, 2011/06/01
- Re: [Sks-devel] IPv6 peering; keydumps annoyingly large, Scott Grayban, 2011/06/01
- Re: [Sks-devel] IPv6 peering; keydumps annoyingly large, David Shaw, 2011/06/01
- Re: [Sks-devel] IPv6 peering; keydumps annoyingly large, Robert J. Hansen, 2011/06/01