[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Sks-devel] SKS behind a reverse HTTP proxy -- cache invalidation hooks?
|
From: |
Daniel Kahn Gillmor |
|
Subject: |
[Sks-devel] SKS behind a reverse HTTP proxy -- cache invalidation hooks? |
|
Date: |
Thu, 30 Dec 2010 18:07:01 -0500 |
|
User-agent: |
Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.12) Gecko/20101110 Icedove/3.1.6 |
hey SKS folks--
The HKP service from keys.mayfirst.org is served by
zimmermann.mayfirst.org. zimmermann runs sks on the standard ports,
with nginx as an HTTP proxy in front of it to provide plain HTTP service
on port 80, and HKPS service on port 443.
Due to recent discussion on this list, it occurred to me to enable
caching in that proxy. I'm considering doing it with these settings:
https://support.mayfirst.org/ticket/3758
(If you have suggestions on those settings, i'd be happy to hear them)
I'm also wondering if there's a way that i could get a hook *out* from
SKS to get it to invalidate the cache when it receives an update for a
given key. I can work out how to invalidate the nginx proxy cache
myself -- i'm just not sure how to get the hook from SKS to know when to
do so. Initially, i'd like to target key-specific fetches by keyid
Any suggestions or pointers? cache invalidation hooks aren't currently
implemented, would there be any objections to adding such a feature?
--dkg
signature.asc
Description: OpenPGP digital signature
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [Sks-devel] SKS behind a reverse HTTP proxy -- cache invalidation hooks?,
Daniel Kahn Gillmor <=