Re: [Sks-devel] Running a non-pool keyserver & identifying offline peers

sks-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Sks-devel] Running a non-pool keyserver & identifying offline peers

From:	Kristian Fiskerstrand
Subject:	Re: [Sks-devel] Running a non-pool keyserver & identifying offline peers
Date:	Fri, 01 Aug 2014 13:58:53 +0200
User-agent:	Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Thunderbird/24.6.0

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

On 08/01/2014 12:50 PM, Pete Stephenson wrote:
> On 8/1/2014 12:27 PM, Kristian Fiskerstrand wrote:
>> On 08/01/2014 12:08 PM, Pete Stephenson wrote:
>>> Dear all,
>> 
>> 
>> ...
>> 
>> 
>>> Is there a way to have the public and private systems stay in
>>> sync, but privately?
>> 
>> One option is using a local hostname in the peer file and put an
>> entry in /etc/hosts for it. Another is that I can put it in the
>> global exclude list of the pool.
> 
> Interesting. I'll look into the local hostname thing -- would using
> that method prevent the private server from showing up in the
> "Servers currently not in the pool" listing at
> https://sks-keyservers.net/status/ or not?

I'd still show up in servers not part of the pool.

> 
> I assume that since the test systems can't access it then it won't
> end up in the pool.
> 

Affirmed.

...

> 
> On a related note, I propose a feature for future versions of SKS:
> add an "OK/Not OK" indicator for each server's stats page 
> ([keyserver]/pks/lookup?op=stats) so an admin can easily check if
> all the peers are working as expected. This is currently done at 
> https://sks-keyservers.net/status/info/[keyserver] but it'd be nice
> to have it locally as well.

How would the server know if it is good or not? A keyserver can run on
a stand-alone basis with 10 keys for an organization and be perfectly
useful. E.g. I use single instances for key signing parties to receive
keys to auto-generate lists from. So this doesn't belong in the server
software, but on the abstraction layer.

- -- 
- ----------------------------
Kristian Fiskerstrand
Blog: http://blog.sumptuouscapital.com
Twitter: @krifisk
- ----------------------------
Public PGP key 0xE3EDFAE3 at hkp://pool.sks-keyservers.net
fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3
- ----------------------------
Cogito ergo sum
I think, therefore I am
-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJT24D9AAoJEPw7F94F4TagnHQQAKXXjGB1xjEPseIGyJ3Ghxib
XLBlDPJpHbOvf1cIvSweklFIxKTiGSD00/bXyw6s/eFp4U97DBUfc9rUopPvxzMc
q+99pTn/jGL7QBVizTnykk8LsCOSinTCEVG3lxapGrdzX+/UPKWfMdcr/Qs1XrI6
9ujkp3UKRJD4ehAOqoveXQZxcCgVdpv/xEXwyLI6yA1RRF6vjPRLnPUDg7oBpYKl
fBc8O9WuI8y/NcS7WSssWNTFr7NT/1RiSrQQWGkl7B3L5WDCYlW4T/ylBJV5rh+P
OofpJZIVk+x/fY0hx2CfMV/CPVImZhzn5oVwyg2rViXzyICgy0rU43O+UVjXg3IL
g31aBLbbCCRIWSHNQA5cijvju8L+8CfN5p5FPpVah29YAPgNozr8t0lB8IoVQ3Eo
VyO6Ufgxw9ePVo+y2BWerdd4XumNGMkR75adDiQfvhPBJRlo2+dCvZhHkaVAVjOL
ZR+nepoblxjrvFP5Jg/LCuk22CiVsNiXJW9GKUGv0+RusCHjCGYioVkuTiDBCbc6
U4DsMzquJLxIfs0w5NKiekneiSeiZOf3E4s/XdfJesGW+4QYQzGCrJwqBSo8AXx7
65mJmp/XePKLCY48EGcu2oMJZeVdD9Cjb2sktkvbB3Vdcb+AG+e7zBwaaEQuywYs
R/CuiiSLYIJZlzjxgrnn
=djs1
-----END PGP SIGNATURE-----

[Prev in Thread]

Current Thread

[Next in Thread]

[Sks-devel] Running a non-pool keyserver & identifying offline peers, Pete Stephenson, 2014/08/01
- Re: [Sks-devel] Running a non-pool keyserver & identifying offline peers, Kristian Fiskerstrand, 2014/08/01
  - Re: [Sks-devel] Running a non-pool keyserver & identifying offline peers, Pete Stephenson, 2014/08/01
    - Re: [Sks-devel] Running a non-pool keyserver & identifying offline peers, Kristian Fiskerstrand <=

Prev by Date: Re: [Sks-devel] Running a non-pool keyserver & identifying offline peers
Next by Date: [Sks-devel] Looking for peers
Previous by thread: Re: [Sks-devel] Running a non-pool keyserver & identifying offline peers
Next by thread: [Sks-devel] Looking for peers
Index(es):
- Date
- Thread