Re: [Sks-devel] Idea: dump should create keycount.txt
On 11/08/2012 02:07 AM, Phil Pennock wrote: ... Kristian, one feature request: please emit a line stating the checksum algorithm, so that it's easier to migrate in future? Especially since this is using MD5, which is leads to a second feature request. ;-) #Checksum-Algorithm: MD5\n This is a good idea, I'll update my patch later. At least, I think it's MD5, based on use of Digest and http://caml.inria.fr/pub/docs/manual-ocaml/libref/Digest.html saying MD5. Indeed MD5. As this is for detection of transfer corruption, and not prevention of intended attack that is IMHO Good Enough (TM). I'd rather prefer a clean ocaml-native setup to a reliance on an external library, however, since we are already using CryptoKit using this is more probable than anything else. I'm gonna look into the docs for that some more, however, for any change to have a practical effect it'd have to be handled in a post-processing script anyways adding digital signature, etc, so I don't necessarily see any large reason to shift away from MD5 for this purpose. Notably, because we already use CryptoKit, Hash.sha256() should be available. Doesn't have a filename-based method, but there's hash_channel. -- Kristian Fiskerstrand http://www.sumptuouscapital.com Twitter: @krifisk Uxor formosa et vinum sunt dulcia venena Beautiful women and wine are sweet venom This email was digitally signed using the OpenPGP standard. If you want to read more about this The book: Sending Emails - The Safe Way: An introduction to OpenPGP security is available in both Amazon Kindle and Paperback format at http://www.amazon.com/dp/B006RSG1S4/ Public PGP key 0xE3EDFAE3 at http://www.sumptuouscapital.com/pgp/ signature.asc Description: OpenPGP digital signature ___ Sks-devel mailing list Sks-devel@nongnu.org https://lists.nongnu.org/mailman/listinfo/sks-devel
Re: [Sks-devel] Idea: dump should create keycount.txt
On 11/08/2012 10:51 AM, Kristian Fiskerstrand wrote: On 11/08/2012 02:07 AM, Phil Pennock wrote: ... Kristian, one feature request: please emit a line stating the checksum algorithm, so that it's easier to migrate in future? Especially since this is using MD5, which is leads to a second feature request. ;-) #Checksum-Algorithm: MD5\n This is a good idea, I'll update my patch later. The patch [0] should now be updated to include the digest algorithm. . With the current format the easiest way to test the download is md5sum --quiet -c metadata-sks-dump.txt . gentoo4 dumptest # cat metadata-sks-dump.txt #Metadata-for: keys5.kfwebs.net #Dump-started: 2012-11-08 15:45:45 #Files-Count: 28 #Key-Count: 42 #Digest-algo: md5 ef5a257aa60e83319f3522d4555cc15c sks-dump-.pgp #Dump-ended: 2012-11-08 15:45:50 [0] https://bitbucket.org/kristianf/sks-keyserver-patches/src/tip/DUMP_METADATA?at=default -- Kristian Fiskerstrand http://www.sumptuouscapital.com Twitter: @krifisk Veni vidi velcro I came, I saw, I got stuck This email was digitally signed using the OpenPGP standard. If you want to read more about this The book: Sending Emails - The Safe Way: An introduction to OpenPGP security is available in both Amazon Kindle and Paperback format at http://www.amazon.com/dp/B006RSG1S4/ Public PGP key 0xE3EDFAE3 at http://www.sumptuouscapital.com/pgp/ signature.asc Description: OpenPGP digital signature ___ Sks-devel mailing list Sks-devel@nongnu.org https://lists.nongnu.org/mailman/listinfo/sks-devel
Re: [Sks-devel] Idea: dump should create keycount.txt
Phil Pennock wrote: What do folks think of the idea of having sks dump also create a file called [prefix]keycount.txt ? [...] Does this seem reasonable and worth coding? This sounds interesting, but I would go a step further. There are numerous information about a key dump that could be of interest. Thus a metadata file with serveral fields would be interesting. Something like [prefix].txt: Dump-Start-Date: 2012-11-07T15:35:42Z Hostname: keyserver.kim-minh.com Files-Count: 201 Checksums: cb89d21aa7e8df0902571a37f3b0625e322059ef8a619961b6b5b9be7a82799a sks-dump-.pgp [...] 37e87c7f33c0f43736b6a9960d7cc564af9b00987b69db8e58aeec3ad471ee2c sks-dump-0200.gpg Checksums: Key-Count: 3163896 Dump-End-Date 2012-11-07T15:47:13Z -- Kim Minh. ___ Sks-devel mailing list Sks-devel@nongnu.org https://lists.nongnu.org/mailman/listinfo/sks-devel
Re: [Sks-devel] Idea: dump should create keycount.txt
Am Mittwoch, den 07.11.2012, 17:48 +0100 schrieb Kim Minh Kaplan: Phil Pennock wrote: What do folks think of the idea of having sks dump also create a file called [prefix]keycount.txt ? [...] Does this seem reasonable and worth coding? This sounds interesting, but I would go a step further. There are numerous information about a key dump that could be of interest. Thus a metadata file with serveral fields would be interesting. Something like [prefix].txt: Dump-Start-Date: 2012-11-07T15:35:42Z Hostname: keyserver.kim-minh.com Files-Count: 201 Checksums: cb89d21aa7e8df0902571a37f3b0625e322059ef8a619961b6b5b9be7a82799a sks-dump-.pgp [...] 37e87c7f33c0f43736b6a9960d7cc564af9b00987b69db8e58aeec3ad471ee2c sks-dump-0200.gpg Checksums: Key-Count: 3163896 Dump-End-Date 2012-11-07T15:47:13Z Hi, that was exactly the same what thought of. I'ld just go a little step further to xml, so machines could parse it more easily. Maybe something like dump hostnamekeyserver.kim-minh.com/hostname count201/count files file namesks-dump-.pgp/name checksum type=md5cb89d21aa7e8df0902571a37f3b0625e322059ef8a619961b6b5b9be7a82799a/checksum keys15000/keys /file ... /files date start/start end.../end /date dump cheers, - Stephan signature.asc Description: This is a digitally signed message part ___ Sks-devel mailing list Sks-devel@nongnu.org https://lists.nongnu.org/mailman/listinfo/sks-devel
Re: [Sks-devel] Idea: dump should create keycount.txt
On 11/07/2012 12:06 PM, Stephan Seitz wrote: that was exactly the same what thought of. I'ld just go a little step further to xml, so machines could parse it more easily. for simple data like we're talking about, Kim's proposed syntax seems at least as easy for a machine to parse as XML, and much easier for a human to scan and make sense of. I'd personally like to avoid requiring an XML parser if we can help it. --dkg signature.asc Description: OpenPGP digital signature ___ Sks-devel mailing list Sks-devel@nongnu.org https://lists.nongnu.org/mailman/listinfo/sks-devel
Re: [Sks-devel] Idea: dump should create keycount.txt
Am Mittwoch, den 07.11.2012, 12:34 -0500 schrieb Daniel Kahn Gillmor: for simple data like we're talking about, Kim's proposed syntax seems at least as easy for a machine to parse as XML, and much easier for a human to scan and make sense of. I'd personally like to avoid requiring an XML parser if we can help it. it was just the idea that most (if not all) people which have the need or at least a benefit from that proposed file, are natively speaking XML ;) and if it's getting implemented, I assume it wont make a difference to printf() xml or somehow formatted text. It's just a personal preference, I simply like outputs that can be verified and validated. For that particular file you're obviously right and xml would be an overkill, since the only use I can imagine would be a synchronization mechanism of a keydump mesh... So, yes, stay with text. signature.asc Description: This is a digitally signed message part ___ Sks-devel mailing list Sks-devel@nongnu.org https://lists.nongnu.org/mailman/listinfo/sks-devel
[Sks-devel] Idea: dump should create keycount.txt
What do folks think of the idea of having sks dump also create a file called [prefix]keycount.txt ? That way, folks who make dumps available will have a really easy way to also make a count of the keys available; depending on how they set up the dumping, it might even happen automatically with no extra work on their part. Does this seem reasonable and worth coding? -Phil ___ Sks-devel mailing list Sks-devel@nongnu.org https://lists.nongnu.org/mailman/listinfo/sks-devel
Re: [Sks-devel] Idea: dump should create keycount.txt
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hello, Am 07.11.12 02:36, schrieb Phil Pennock: What do folks think of the idea of having sks dump also create a file called [prefix]keycount.txt ? 8 - snip - 8 In regard to the latest peering request of Ronny Wagner and the recent need of John to point out the out-of-sync-ness of some dump sites, I think this is a really good idea. Its not very hard to find keyserver-statistics for most of the dump site's keyservers, but when hosted on a different machine, in a different domain etc, things get more complicated. If the file is generated at the successful completion of the dump, one could assure (by checking if the mere existance of the file) that the dump itself has finished. Timezones alone put the idea of doing the dump at night beyond the limits of impossible. :) Do you think, including accurate dump-time, keyserver the dump is from etc. would be a good idea, too? I think it should be an option. /Joel -BEGIN PGP SIGNATURE- Version: GnuPG/MacGPG2 v2.0.17 (Darwin) Comment: Using GnuPG with Mozilla - http://www.enigmail.net/ iEYEARECAAYFAlCaD9AACgkQcTUy7qkh6yDPtQCg+foFc5Hqo8SOnHGeJiMk6CNj nzwAoM1yqLu7tg7R7N8c1naixSioLVUG =c+qr -END PGP SIGNATURE- ___ Sks-devel mailing list Sks-devel@nongnu.org https://lists.nongnu.org/mailman/listinfo/sks-devel