[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Sks-devel] Deployment question about non-public server with oneway
|
From: |
Steffen Kaiser |
|
Subject: |
Re: [Sks-devel] Deployment question about non-public server with oneway feed |
|
Date: |
Thu, 28 Jun 2018 11:14:53 +0200 (CEST) |
|
User-agent: |
Alpine 2.11 (DEB 23 2013-08-11) |
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Wed, 27 Jun 2018, Steffen Kaiser wrote:
On Wed, 27 Jun 2018, Hendrik Grewe wrote:
This Setup reminds me of a recently asked question on this ML:
http://lists.nongnu.org/archive/html/sks-devel/2018-06/msg00032.html
hope this helps
yes, http://lists.nongnu.org/archive/html/sks-devel/2018-06/msg00041.html
states that: "Unless recon is enabled in both directions, the key delta
will inevitably grow to the point that recon will fail."
That means, recon / gossip is not possible and updates via email is the
only option left.
for the archive:
email updates don't work as well. I set up three systems with a SKS system
each:
+ system A and system B are configured to gossip with each other, thus,
simulating the normal outside SKS peers / SKS cloud,
+ system C is my local installation, that must not talk to the outside,&
+ system B sync's via mail to system C (oneway).
If I upload a key to system B, it is sync'ed to C. If I upload a key to
system A, it is sync'ed to B, but not forwared to C. So, mailsync is out
as well.
Thanks,
Am 27.06.2018 um 15:12 schrieb Steffen Kaiser:
Hi,
I have been asked to setup a local PGP key distribution, because some
attendees are concered about SPAM harvesting and other things. One
condition is to support WKD and a key server, because some clients use a
key server only.
Because most client software cannot query multiple key servers, I
thought about a proxy, that merges the results of one local and one SKS
server first, but found none.
So I guess my only option is to setup a SKS server and:
1) ask, if someone would feed me oneway with updates, and
2) synchronize local uploads between WKD and this server.
I installed a test machine and verified, that I can sync WKD and the
database of the SKS server both ways.
But: is this a valid setup? Would somebody recommend something different?
Is it possible to setup a oneway SKS update feed?
Kind regards,
-- Steffen Kaiser
_______________________________________________
Sks-devel mailing list
address@hidden
https://lists.nongnu.org/mailman/listinfo/sks-devel
--
Steffen Kaiser
---------------Output of GPG------------------
gpg: Signature made Wed 27 Jun 2018 04:34:52 PM CEST using RSA key ID
9ABC764F
gpg: Good signature from "Steffen Kaiser <address@hidden>"
_______________________________________________
Sks-devel mailing list
address@hidden
https://lists.nongnu.org/mailman/listinfo/sks-devel
- --
Steffen Kaiser
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQEVAwUBWzSnDSOjcd6avHZPAQL8Lgf/TpXyN1eUiC4Dj7bkWDDx4/AM4qWSgPdX
0LHZEelYCsocOjn9QAbAQYxXU37vzeAG5VlWavLZ0TME61mgV5q3fGQkpoHFOInc
cLAGBSD+31C+nh4qDAvW126Z66HsOVbJa/fIzVU8aGhe08j2QL8xyRXmhO/sJo4s
2iv33NOYTbW/4wqcjNV/MIy8zx2yrpPf/3rAhUoGYjIuSEmQLR4V0LEqfQjRqh8z
CaF4Y0xW+wfgimU0ylK3J6Dh9FYkaXa3j4e+bQNvBaZEFxQNEPZir+qE/YIr5lrd
h5tbxCtTGeRF6bFgLV5jxVAf8JSDIHa79S78Ixbd2XlZV8i8yGgwhg==
=+2QM
-----END PGP SIGNATURE-----