Re: [Sks-devel] Seeking for gossiping peers for http://sks01.keyhub.io:1

sks-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Sks-devel] Seeking for gossiping peers for http://sks01.keyhub.io:1

From:	Phil Pennock
Subject:	Re: [Sks-devel] Seeking for gossiping peers for http://sks01.keyhub.io:11371
Date:	Mon, 28 Oct 2013 17:21:12 -0400

On 2013-10-28 at 09:00 -0500, John Clizbe wrote:
> Umm, what does peering have to do with the SKS version that one would refuse
> to peer with a server running a version prior to 1.1.3?

In addition to Sebastian Wiesinger's point about pre-1.1.2 POST issues,
I'll note:

 * The wiki Peering page has details on more core issues about versions

 * There are social, as well as purely technical, issues around peering.
   Some of those social issues have technical roots.

   Peering SKS is a matter of trust between operators; a misbehaving
   server can cascade operational issues onto its peers, most notably by
   being too far behind the current key count and causing the peers' CPU
   burden to go up during reconciliation.

   In any issue where you're asking strangers to trust you to run a
   service well, it is Helpful to demonstrate that you're willing to put
   in the effort to run that service well; unless we know someone from
   elsewhere, the best clue we each have is "did they put in the work to
   provide a good initial setup?"

   Being willing to find more recent versions of SKS than are packaged
   by default with the OS is a sign that the other person is taking the
   setup seriously.  It's not a guarantee that the peering will be
   well-run, but it demonstrates that:

    1) they can do some basic package management beyond installing
       default packages, within a GUI
    2) they can follow a somewhat technical setup guide, so are not
       likely to cause you to grit your teeth later in basic
       hand-holding while debugging an operational problem
    3) if the install is being done on a whim, they're not being
       entirely cavalier about the setup

All of this is in a "Peering" wiki page because that's the name I chose
for it, and I chose that name because this affects an install of SKS
which you want to peer with others.  SKS can be run standalone, you can
do whatever you want with such a setup, nobody gets to tell you
otherwise (as long as you comply with the code license).  It's only when
you want to set up operational links with others that people like having
a reference point for encouraging current best practices.

I'm flattered that the page has come to be so well regarded.  :)

-Phil

pgpnmnH4lOrx7.pgp
Description: PGP signature

[Prev in Thread]

Current Thread

[Next in Thread]

[Sks-devel] Seeking for gossiping peers for http://sks01.keyhub.io:11371, Thomas Spycher, 2013/10/27
- Re: [Sks-devel] Seeking for gossiping peers for http://sks01.keyhub.io:11371, David Benfell, 2013/10/28
  - Re: [Sks-devel] Seeking for gossiping peers for http://sks01.keyhub.io:11371, Thomas Spycher, 2013/10/28
  - Re: [Sks-devel] Seeking for gossiping peers for http://sks01.keyhub.io:11371, Todd Lyons, 2013/10/28
    - Re: [Sks-devel] Seeking for gossiping peers for http://sks01.keyhub.io:11371, Thomas Spycher, 2013/10/28
    - Re: [Sks-devel] Seeking for gossiping peers for http://sks01.keyhub.io:11371, John Clizbe, 2013/10/28
    - Re: [Sks-devel] Seeking for gossiping peers for http://sks01.keyhub.io:11371, Sebastian Wiesinger, 2013/10/28
    - Re: [Sks-devel] Seeking for gossiping peers for http://sks01.keyhub.io:11371, Phil Pennock <=

Prev by Date: Re: [Sks-devel] reverse proxies and the pool
Next by Date: Re: [Sks-devel] Recon Details
Previous by thread: Re: [Sks-devel] Seeking for gossiping peers for http://sks01.keyhub.io:11371
Next by thread: [Sks-devel] Recon Details
Index(es):
- Date
- Thread