Howdy Tankred, First, I think this is great! Thanks so much for doing this!
Second, a few technical questions: 1. Are you using the sks-keyserver server or did you roll your own HKP implementation. If you're using sks, can you elaborate on how you setup your internal infrastructure and API to the core sks-keyserver? If you rolled your own HKP, is there source code available? I'd love to find an alternative implementation for HKP that's not written in OCaml. 2. You mentioned on HN that you gossip with other keyservers[1]. Since the gossip protocol is completely undocumented, do you know much about how it works? I've been trying to read the OCaml, but have been getting very lost. Hockeypuck[2] claims they can do this, but I don't think it's the same gossip protocol, right? 3. When gossiping, do you accept new keys from other sources that have a @whiteout.io domain? If I create a public key for "John Smith <[email protected]>" and upload it to pgp.mit.edu, will that be synced with your database? Third, FYI, there is CORS support for sks keyservers as of 1.1.5. Also, many keyservers are mirrored on port 443 and using root CA signed certs. I created an ajax publickey.js demo[3] using the https://keys.fedoraproject.org/ keyserver. You're right, though, that you can't just use hkps.pool.sks-keyservers.net, since the TLS certificate in that pool must be signed by the SKS CA (which isn't a root CA in pretty much every browser). Thanks again! Daniel [1]: https://news.ycombinator.com/item?id=9013852 [2]: https://hockeypuck.github.io/ [3]: https://diafygi.github.io/publickeyjs/ On Mon, Feb 9, 2015 at 12:58 AM, Tankred Hase <[email protected]> wrote: > Hi, > > we've added HKP key server support to Whiteout Wail and have written a > post about usability. Though I'd share it here: > > https://blog.whiteout.io/2015/02/06/making-pgp-key-management-invisible-so-johnny-can-encrypt/ > > Thanks for any feedback! > > Tankred > > -- > Whiteout Networks GmbH c/o Werk1 > Grafinger Str. 6 > D-81671 München > Geschäftsführer: Oliver Gajek > RG München HRB 204479 > _______________________________________________ > Messaging mailing list > [email protected] > https://moderncrypto.org/mailman/listinfo/messaging _______________________________________________ Messaging mailing list [email protected] https://moderncrypto.org/mailman/listinfo/messaging
