SKS behind a reverse HTTP proxy -- cache invalidation hooks?

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

SKS behind a reverse HTTP proxy -- cache invalidation hooks?

Daniel Kahn Gillmor-7
hey SKS folks--

The HKP service from keys.mayfirst.org is served by
zimmermann.mayfirst.org.  zimmermann runs sks on the standard ports,
with nginx as an HTTP proxy in front of it to provide plain HTTP service
on port 80, and HKPS service on port 443.

Due to recent discussion on this list, it occurred to me to enable
caching in that proxy.  I'm considering doing it with these settings:

  https://support.mayfirst.org/ticket/3758

(If you have suggestions on those settings, i'd be happy to hear them)

I'm also wondering if there's a way that i could get a hook *out* from
SKS to get it to invalidate the cache when it receives an update for a
given key.  I can work out how to invalidate the nginx proxy cache
myself -- i'm just not sure how to get the hook from SKS to know when to
do so.  Initially, i'd like to target key-specific fetches by keyid

Any suggestions or pointers?  cache invalidation hooks aren't currently
implemented, would there be any objections to adding such a feature?

        --dkg


_______________________________________________
Sks-devel mailing list
[hidden email]
http://lists.nongnu.org/mailman/listinfo/sks-devel

signature.asc (918 bytes) Download Attachment