I am looking for peers for a new SKS keyserver installation.
I am running SKS version 1.1.6-4 (Debian stretch), on sks.infcs.de. We are
an university and the server is installed for local access and to feed
another local-only keyserver, which distributes local keys from WKD to
keyserver-only clients. The server is physically located in Germany (EU)
on the DFN. The machine has *no* IPv6 connectivity.
For operational issues, please contact me directly.
sks.infcs.de 11370 # Steffen Kaiser <[hidden email]>
>> On 28 Jun 2018, at 11:14 , Steffen Kaiser <[hidden email]> wrote:
>> On Wed, 27 Jun 2018, Steffen Kaiser wrote:
>>> On Wed, 27 Jun 2018, Hendrik Grewe wrote:
>>>> This Setup reminds me of a recently asked question on this ML:
>>>> http://lists.nongnu.org/archive/html/sks-devel/2018-06/msg00032.html >>>>
>>>> hope this helps
>>> yes, http://lists.nongnu.org/archive/html/sks-devel/2018-06/msg00041.html >>> states that: "Unless recon is enabled in both directions, the key delta
>>> will inevitably grow to the point that recon will fail."
>>> That means, recon / gossip is not possible and updates via email is the
>>> only option left.
>> for the archive:
>> email updates don't work as well. I set up three systems with a SKS system
>> + system A and system B are configured to gossip with each other, thus,
>> simulating the normal outside SKS peers / SKS cloud,
>> + system C is my local installation, that must not talk to the outside,&
>> + system B sync's via mail to system C (oneway).
>> If I upload a key to system B, it is sync'ed to C. If I upload a key to
>> system A, it is sync'ed to B, but not forwared to C. So, mailsync is out
>> as well.
> I also got the feeling that the mailsync was meant for when a key is *directly* uploaded to a server, it is emailed out, not when it receives keys via the recon/whisper partners (Else every one will sent out emails with each and every sync, ie. >100mails/days…)
> I think the (wish list) option to have a 1-way sync setting, ie. Any and all keys you receive, you forward in that direction, no matter whether that server have the key or not, ie. no-recon/whisper, just: “I’ve received this key, here it is”
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1