Re: [Sks-devel] Pool management is broken
Hi, I've checked both my servers keyserver.dobrev.[eu,it] and they seem fine and in-sync in terms of amount of keys yet they're listed as unavailable so I wonder what's the reason for that. Regards,Martin P.S. the message is not signed because I'm sending it from my mobile Sent from my Samsung Galaxy S9 - Powered by Three Original message From: "Kiss Gabor (Bitman)" Date: 27/06/2018 04:56 (GMT+00:00) To: sks-devel@nongnu.org Subject: [Sks-devel] Pool management is broken Page https://sks-keyservers.net/status/ is (almost) empty. Gabor ___ Sks-devel mailing list Sks-devel@nongnu.org https://lists.nongnu.org/mailman/listinfo/sks-devel ___ Sks-devel mailing list Sks-devel@nongnu.org https://lists.nongnu.org/mailman/listinfo/sks-devel
[Sks-devel] Pool management is broken
Page https://sks-keyservers.net/status/ is (almost) empty. Gabor ___ Sks-devel mailing list Sks-devel@nongnu.org https://lists.nongnu.org/mailman/listinfo/sks-devel
Re: [Sks-devel] pool status page, not recognizing hkps
On Tue, 5 Jun 2018, Phil Pennock wrote: > https://bitbucket.org/skskeyserver/sks-keyserver/wiki/TLS%20Configuration > > I've updated it to be clearer about the need for manual action to join > the pool and to link to the instructions for doing so. | In practice, there's one well-run HKPS pool, which has pretty much defined | the semantics of HKP/TLS operation. This is run by Kristian Fiskerstrand in | Norway, and details of that pool's root CA are available at | https://sks-keyservers.net/verify_tls.php. To have your server join this | pool, read https://sks-keyservers.net/overview-of-pools.php#pool_hkps and | follow the instructions there. The only problem that Kristian has no time to care with certificate requests. We should talk about an other way of establishing HKPS pool. Gabor ___ Sks-devel mailing list Sks-devel@nongnu.org https://lists.nongnu.org/mailman/listinfo/sks-devel
Re: [Sks-devel] pool status page, not recognizing hkps
On 2018-06-05 at 02:53 +0200, Paul Neuwirth wrote: > my keyserver keyserver.swabian.net has also hkps enabled on port=20 > 443 since several months now. > But in the pool status page I do not see hkps enabled. > Do I miss a DNS entry? or is something different wrong with my setup? https://bitbucket.org/skskeyserver/sks-keyserver/wiki/TLS%20Configuration I've updated it to be clearer about the need for manual action to join the pool and to link to the instructions for doing so. -Phil ___ Sks-devel mailing list Sks-devel@nongnu.org https://lists.nongnu.org/mailman/listinfo/sks-devel
Re: [Sks-devel] pool status page, not recognizing hkps
This is a pool containing only servers available using hkps. Regular A and and SRV records are included for port 443 servers, and a lookup is performed for _pgpkey-https._tcp on the individual servers to determine if a hkps enabled service is listening on another port. At this point, however, servers not running on port 443 are not included. This pool only include servers that have been certified by the sks-keyservers.net CA, of which the certificate can be found at https://sks-keyservers.net/sks-keyservers.netCA.pem https://sks-keyservers.net/overview-of-pools.php Am 05.06.18 um 02:53 schrieb Paul Neuwirth: > This is an OpenPGP/MIME signed message (RFC2440, RFC3156). > > --=_MIME_CONTENT_BREAK_=_ESYVDRXTTLZGFRUADUKXAUICTLNKCYC_= > Content-Type: text/plain; charset="utf-8" > Content-Disposition: inline; filename="message.txt" > Content-Transfer-Encoding: quoted-printable > > Hello, > > my keyserver keyserver.swabian.net has also hkps enabled on port=20 > 443 since several months now. > But in the pool status page I do not see hkps enabled. > Do I miss a DNS entry? or is something different wrong with my setup? > > Thank you > > Paul > > --=_MIME_CONTENT_BREAK_=_ESYVDRXTTLZGFRUADUKXAUICTLNKCYC_= > Content-Type: application/pgp-signature > Content-Disposition: attachment; filename="signature.asc" > > -BEGIN PGP SIGNATURE- > Version: GnuPG v2 > Comment: Topal (http://freshmeat.net/projects/topal) > > iQIcBAEBAgAGBQJbFd77AAoJEIiaa+Y8YDPu2JgQAKevlE0EZ7TuZWZ/sy6/jUS4 > pxkUXqXvEMaQ+J+5BcudZuoi81Owp4HZO/iV3gCTAgJdMo7Dc46eebI0BQyxxqTj > dn/xU7GwEzW8m+oFa2ylxrtB5DWLvyubgiUrzExFSCftJJ7mCfsUbkhqqtKxT9Cm > gi9Zy0EYQ3/q/fEDRALhyv9iPJ+mCjtJrgf9bYcFEONcDdo7OmZBKneilIDGnh19 > ITBvm2Cx6Bh5f6Hx3kyvTPRxy5yP29KHJY7Eqdj98IjBAQ+FzNNrjXImqfx/9MkG > aVmg8g8I8fjTGk+dshkXyn83CS/BbZ0rgO0hKp5a+LQQPDUtQQt6ghL+NOsEIa1C > w3g4B+hvRJjxpJOvqgod8Up4iI9W69u8V94CshBJYaZM/Qg9oDFtWP0Tiblu1Wm4 > Ns/05yBHY3JRYnplbl2xlVt22Cw51h9R25mNpej+35a/qYxNn0HEPOhJkUw6FEbD > nXwu88y4kiPhK7dn/jGVcTwskEDeOTnHNbBCvCQ+7p1os7L13FLHkgI2clpl88lT > DIINCgi45/Un4Wiqsltoos6KVXr/RsIdrbhx/GDJErUwe6lZ/oqpFN4pCd9oen6Z > PSC6xlBNWQYwr4DEoaX+O7xNggkp+TBij/PQWuu0MufQSoZjPBy7WEg33MlmzheO > mt/9okUPD1GOe2gMyTc9 > =d8lS > -END PGP SIGNATURE- > > --=_MIME_CONTENT_BREAK_=_ESYVDRXTTLZGFRUADUKXAUICTLNKCYC_=-- > > ___ > Sks-devel mailing list > Sks-devel@nongnu.org > https://lists.nongnu.org/mailman/listinfo/sks-devel signature.asc Description: OpenPGP digital signature ___ Sks-devel mailing list Sks-devel@nongnu.org https://lists.nongnu.org/mailman/listinfo/sks-devel
[Sks-devel] pool status page, not recognizing hkps
This is an OpenPGP/MIME signed message (RFC2440, RFC3156). --=_MIME_CONTENT_BREAK_=_ESYVDRXTTLZGFRUADUKXAUICTLNKCYC_= Content-Type: text/plain; charset="utf-8" Content-Disposition: inline; filename="message.txt" Content-Transfer-Encoding: quoted-printable Hello, my keyserver keyserver.swabian.net has also hkps enabled on port=20 443 since several months now. But in the pool status page I do not see hkps enabled. Do I miss a DNS entry? or is something different wrong with my setup? Thank you Paul --=_MIME_CONTENT_BREAK_=_ESYVDRXTTLZGFRUADUKXAUICTLNKCYC_= Content-Type: application/pgp-signature Content-Disposition: attachment; filename="signature.asc" -BEGIN PGP SIGNATURE- Version: GnuPG v2 Comment: Topal (http://freshmeat.net/projects/topal) iQIcBAEBAgAGBQJbFd77AAoJEIiaa+Y8YDPu2JgQAKevlE0EZ7TuZWZ/sy6/jUS4 pxkUXqXvEMaQ+J+5BcudZuoi81Owp4HZO/iV3gCTAgJdMo7Dc46eebI0BQyxxqTj dn/xU7GwEzW8m+oFa2ylxrtB5DWLvyubgiUrzExFSCftJJ7mCfsUbkhqqtKxT9Cm gi9Zy0EYQ3/q/fEDRALhyv9iPJ+mCjtJrgf9bYcFEONcDdo7OmZBKneilIDGnh19 ITBvm2Cx6Bh5f6Hx3kyvTPRxy5yP29KHJY7Eqdj98IjBAQ+FzNNrjXImqfx/9MkG aVmg8g8I8fjTGk+dshkXyn83CS/BbZ0rgO0hKp5a+LQQPDUtQQt6ghL+NOsEIa1C w3g4B+hvRJjxpJOvqgod8Up4iI9W69u8V94CshBJYaZM/Qg9oDFtWP0Tiblu1Wm4 Ns/05yBHY3JRYnplbl2xlVt22Cw51h9R25mNpej+35a/qYxNn0HEPOhJkUw6FEbD nXwu88y4kiPhK7dn/jGVcTwskEDeOTnHNbBCvCQ+7p1os7L13FLHkgI2clpl88lT DIINCgi45/Un4Wiqsltoos6KVXr/RsIdrbhx/GDJErUwe6lZ/oqpFN4pCd9oen6Z PSC6xlBNWQYwr4DEoaX+O7xNggkp+TBij/PQWuu0MufQSoZjPBy7WEg33MlmzheO mt/9okUPD1GOe2gMyTc9 =d8lS -END PGP SIGNATURE- --=_MIME_CONTENT_BREAK_=_ESYVDRXTTLZGFRUADUKXAUICTLNKCYC_=-- ___ Sks-devel mailing list Sks-devel@nongnu.org https://lists.nongnu.org/mailman/listinfo/sks-devel
Re: [Sks-devel] pool for Africa?
> On 06 Feb. 2018, at 18:53 , Andrew Gallagherwrote: > > On 06/02/18 16:45, Hendrik Visage wrote: >> Good day, >> >> As I’m busy setting up and deploying SKS servers at INX)ZA sites (three >> at present) and some of the other African peering points, the question >> arose: how many servers would be needed to make a sensible pool for Africa? > > There is an inbuilt assumption here, which is that "Africa" is a > meaningful division in the first place. In the world of network > topology, many African countries - particularly in the north - are > better connected to Europe than they are to their African neighbours… Granted, for the North then the eu.pool would be more appropriate :) Thus, perhaps I should then re-phrase: “A southern and eastern Africa pool” The group that I envisage to be part of that pool, have usually reasonable inter connections, and the deployments are to be at INXs, and at minimum intra-peering within these servers at the INXs. signature.asc Description: Message signed with OpenPGP ___ Sks-devel mailing list Sks-devel@nongnu.org https://lists.nongnu.org/mailman/listinfo/sks-devel
Re: [Sks-devel] pool for Africa?
On 06/02/18 16:45, Hendrik Visage wrote: > Good day, > > As I’m busy setting up and deploying SKS servers at INX)ZA sites (three > at present) and some of the other African peering points, the question > arose: how many servers would be needed to make a sensible pool for Africa? There is an inbuilt assumption here, which is that "Africa" is a meaningful division in the first place. In the world of network topology, many African countries - particularly in the north - are better connected to Europe than they are to their African neighbours... -- Andrew Gallagher signature.asc Description: OpenPGP digital signature ___ Sks-devel mailing list Sks-devel@nongnu.org https://lists.nongnu.org/mailman/listinfo/sks-devel
[Sks-devel] pool for Africa?
Good day, As I’m busy setting up and deploying SKS servers at INX)ZA sites (three at present) and some of the other African peering points, the question arose: how many servers would be needed to make a sensible pool for Africa? --- Hendrik Visage HeViS.Co Systems Pty Ltd T/A Envisage Systems / Envisage Cloud Solutions +27-84-612-5345 or +27-21-945-1192 hvis...@envisage.co.za signature.asc Description: Message signed with OpenPGP ___ Sks-devel mailing list Sks-devel@nongnu.org https://lists.nongnu.org/mailman/listinfo/sks-devel
Re: [Sks-devel] pool membership
On 04/10/2016 3:43 am, Brian Minton wrote: > How often do the scripts re-scan a host? Every hour (when it's up ;) ) signature.asc Description: OpenPGP digital signature ___ Sks-devel mailing list Sks-devel@nongnu.org https://lists.nongnu.org/mailman/listinfo/sks-devel
Re: [Sks-devel] pool membership
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On October 3, 2016 10:43:21 PM EDT, Brian Mintonwrote: >-BEGIN PGP SIGNED MESSAGE- >Hash: SHA256 > >How often do the scripts re-scan a host? >-BEGIN PGP SIGNATURE- > >iF4EARYIAAYFAlfzFykACgkQN7lQes/yAW5RagD/bKOs7soR7zuhJjghWMVLGMC7 >F/0rReQ2WRcaVXbzCpEBANwwNLi2L+nAI3N0lIraBcnq7jWHD8nhL6eeWEYpJfcO >iF4EAREIAAYFAlfzFykACgkQa46zoGXPuqm0TQD/WJBMrWtLTlNUw4BIoKsyNjRa >5HXJ75axP9X9OqSK08oA/1wrbHPIfQN6U6GerHlkh2N9sLMc9Z8x67mv8WOoZKDf >=MEs+ >-END PGP SIGNATURE- > >___ >Sks-devel mailing list >Sks-devel@nongnu.org >https://lists.nongnu.org/mailman/listinfo/sks-devel I think it's once per hour IIRC. Been a while since my server was up, so I might be wrong on that one. -BEGIN PGP SIGNATURE- iQJCBAEBCgAsJRxBbnRvbnkgUHJpbmNlIDxhbnRvbnlAYmxhenJzb2Z0LmNvbT4F AlfzIC0ACgkQrz1AhzAbGxlGrhAAoxo/Yjgxkr9FQgrIKvljzEmgGYedwbFxe7BG F8t2HrpXjzny0qBCT3nZP9xVC7ADOu8zfj+crShFloIPCAYNhOU/2rU2/MtWgdfJ 8qzmw6q0XTx70boCxxy6WLuc5/wrWPcVs/oBaS425Jy1FEU0inX0l/YGPxejWIw2 +UXWLtN49tFGc++LNK4XKtCW2C+pjHVNdqYRkj2x/HsyBKwHh+pWvmwUlTg31Up5 W4LJ0zsySQpkOuheDjmJlsSNN1kxxh4MvbAbzQzIm5mwvwr7xxGI1WFizgsyce0J /eo/ffVP3ScWRpxkCMyJJ9ZSgmbVxBwm754gdcVQHJz2Q9l6YLCO2aa6shLE8X3E AsaDKOFj1BuNo9oFReDODb+2fggimjfarG+fwJlTvAF9Mcjxq2QXQW2l6WQmeNDn qG5kcgfdLtaQPQFS+LyMEnFySBVaGZTyHnGpuQQO1hQKnHs1wfziR3sozGHDGvbD 2Rql6R1F5nDI4wHzGiJDcCboDj0gUx2kg29gDqt31//+9X6U1QP57Wt/HHl5qKXf VeUx4Vu/2mQYiYLjC9dZLyP9g45khB6mfq5zZbgHww4nrDNnGlXKq8QADD+SaPrk HN74CQD6lR4uN30UUKaaxNcvj47SKjAzjnB3wiMeA+zbx8IvbC+b0W/wh3gwxDZY 7oM11Os= =79Nc -END PGP SIGNATURE- ___ Sks-devel mailing list Sks-devel@nongnu.org https://lists.nongnu.org/mailman/listinfo/sks-devel
Re: [Sks-devel] pool membership
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 How often do the scripts re-scan a host? -BEGIN PGP SIGNATURE- iF4EARYIAAYFAlfzFykACgkQN7lQes/yAW5RagD/bKOs7soR7zuhJjghWMVLGMC7 F/0rReQ2WRcaVXbzCpEBANwwNLi2L+nAI3N0lIraBcnq7jWHD8nhL6eeWEYpJfcO iF4EAREIAAYFAlfzFykACgkQa46zoGXPuqm0TQD/WJBMrWtLTlNUw4BIoKsyNjRa 5HXJ75axP9X9OqSK08oA/1wrbHPIfQN6U6GerHlkh2N9sLMc9Z8x67mv8WOoZKDf =MEs+ -END PGP SIGNATURE- ___ Sks-devel mailing list Sks-devel@nongnu.org https://lists.nongnu.org/mailman/listinfo/sks-devel
Re: [Sks-devel] pool membership
On 10/03/2016 11:22 PM, Kristian Fiskerstrand wrote: > On 10/03/2016 11:07 PM, Michael Jones wrote: >> Or perhaps this would be more appropriate as a possible future feature >> of the sks keyserver source? > > The underlying issue was non-gossiping of the particular server, not > something related to SKS per se (in this case caused by wrong config for > /pks/hashquery POST (HTTP/1.1 502 Proxy Error) requests on the reported > HTTP port as communicated with the operator) > You see the results of this in the [key development charts] btw, the server got hit with high number of keys, not gossipping it to the rest of the network so it got the max key count of the day. Then server dropped out for various reasons, resulting in negative growth, then showed up again... and bouncy bounce.. References: [key development charts] https://sks-keyservers.net/status/key_development.php -- Kristian Fiskerstrand Blog: https://blog.sumptuouscapital.com Twitter: @krifisk Public OpenPGP keyblock at hkp://pool.sks-keyservers.net fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3 "A ship is safe in harbour, but that's not what ships are for" (Will Shedd) signature.asc Description: OpenPGP digital signature ___ Sks-devel mailing list Sks-devel@nongnu.org https://lists.nongnu.org/mailman/listinfo/sks-devel
Re: [Sks-devel] pool membership
On 10/03/2016 11:07 PM, Michael Jones wrote: > Or perhaps this would be more appropriate as a possible future feature > of the sks keyserver source? The underlying issue was non-gossiping of the particular server, not something related to SKS per se (in this case caused by wrong config for /pks/hashquery POST (HTTP/1.1 502 Proxy Error) requests on the reported HTTP port as communicated with the operator) -- Kristian Fiskerstrand Blog: https://blog.sumptuouscapital.com Twitter: @krifisk Public OpenPGP keyblock at hkp://pool.sks-keyservers.net fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3 "A ship is safe in harbour, but that's not what ships are for" (Will Shedd) signature.asc Description: OpenPGP digital signature ___ Sks-devel mailing list Sks-devel@nongnu.org https://lists.nongnu.org/mailman/listinfo/sks-devel
Re: [Sks-devel] pool membership
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On 03/10/16 21:44, Valentin Sundermann wrote: >> However, my key server, >>> keyserver.brian.minton.name, does not appear in the pool status >>> page. Not even in the "Servers currently not in the pool" >>> section. I thought it would automatically show up. Any >>> thoughts? > Your keyserver is on the exclusion list at Kristian's scanner[1]. > I think when somebody uploaded the cloned strong set to the > keyserver network[2], it was your server which got hit with it. > These issues should be over and so I guess Kristian will remove you > from this list when he reads it. > > Best regards, Valentin Interesting, Would it be of any value to introduce rate limiting on my set? maybe limit an ip after 100 new keys in 30 mins? (Lots of southern europe isp's nat through a single ip), so whatever the trigger limit it would have to be a high one. Once the initial trigger is hit it would be able to either slow down or disable uploading of keys from that ip for said time period. Even coming over tor or another distributed network to spam the service would cause a headache? Is there any value in looking into this? Or perhaps this would be more appropriate as a possible future feature of the sks keyserver source? Whatever the solution would need to be easily implemented on all peers. Just some thoughts... Kind Regards, Mike -BEGIN PGP SIGNATURE- Version: GnuPG v2 iQEcBAEBCAAGBQJX8siVAAoJEOYwtpHNe8FmrQAH/iE0rsKLztModP7rnBd07C3e PTppzo+WHRskyPrJ8AzAYeG9xvX4rQibYsjjX9+KHbZDx5D1p/q45icYivEnoxSy Y3AaM5BfPI5Cw+MHwVgEhd13NvwQojRyjqp1XGOb4+Nu+dlf38ejuyLxK0/fDTkX wgmbER7ItPVABZJPA7FgXH+sfJZyjl0U47BiaJ4pUMyUzXVUpHC7NkH3due84Ip8 QWmisJ15h2rKjSwQpLaB2QUlgwFcV3bywRcR4+K7MMC/sdmk2ugC4JFbxcq9qOjO Qu8i/xRo4qRjok4EnbS5O188bUznccmTIwY6mNH70zOUHQv1BVm/eOjCvq8MDbY= =ZV6l -END PGP SIGNATURE- ___ Sks-devel mailing list Sks-devel@nongnu.org https://lists.nongnu.org/mailman/listinfo/sks-devel
Re: [Sks-devel] pool membership
> However, my key server, > keyserver.brian.minton.name, does not appear in the pool status page. Not even > in the "Servers currently not in the pool" section. I thought it would > automatically show up. Any thoughts? Your keyserver is on the exclusion list at Kristian's scanner[1]. I think when somebody uploaded the cloned strong set to the keyserver network[2], it was your server which got hit with it. These issues should be over and so I guess Kristian will remove you from this list when he reads it. Best regards, Valentin [1] https://git.sumptuouscapital.com/?p=sks-keyservers-pool.git;a=commit;h=09bdbef727a2694ae6df399736aaa4656cbeffee [2] https://lists.nongnu.org/archive/html/sks-devel/2016-08/msg00019.html signature.asc Description: OpenPGP digital signature ___ Sks-devel mailing list Sks-devel@nongnu.org https://lists.nongnu.org/mailman/listinfo/sks-devel
Re: [Sks-devel] pool membership
On 10/03/2016 10:33 PM, Brian Minton wrote: > Now that I've cleaned out my membership file, and I'm gossiping with all my > peers, I seem to have caught up with the pool. However, my key server, > keyserver.brian.minton.name, does not appear in the pool status page. Not even > in the "Servers currently not in the pool" section. I thought it would > automatically show up. Any thoughts? Removed it from exclude list.. -- Kristian Fiskerstrand Blog: https://blog.sumptuouscapital.com Twitter: @krifisk Public OpenPGP keyblock at hkp://pool.sks-keyservers.net fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3 "A committee is a group that keeps minutes and loses hours." (Milton Berle) signature.asc Description: OpenPGP digital signature ___ Sks-devel mailing list Sks-devel@nongnu.org https://lists.nongnu.org/mailman/listinfo/sks-devel
[Sks-devel] pool membership
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Now that I've cleaned out my membership file, and I'm gossiping with all my peers, I seem to have caught up with the pool. However, my key server, keyserver.brian.minton.name, does not appear in the pool status page. Not even in the "Servers currently not in the pool" section. I thought it would automatically show up. Any thoughts? thanks, - -- Brian Minton brian at minton dot name http://brian.minton.name Live long, and prosper longer! OpenPGP fingerprint = 8213 71DD 4665 CF4F AE20 2206 0424 DC19 B678 A1A9 -BEGIN PGP SIGNATURE- iF4EARYIAAYFAlfywG8ACgkQN7lQes/yAW4JlwD/YRaLarjacAPEcAbuxn7bDGoz M2q5I3h4VyVlDVb4Bs0BALBmSoAx8L1skSn3USBgLvJGnzUlVQ8LDRAUGxW+KmME iF4EAREIAAYFAlfywHUACgkQa46zoGXPuqmSZQD/QN9gbf+KKDqEqAEz8vC4SM1S 54/LIOjjoGv4PnKjDnEA/2HAVyE+cnHYtYYNFGTa7bPJVo98C0XSciurDU+GWUy5 =DqPM -END PGP SIGNATURE- ___ Sks-devel mailing list Sks-devel@nongnu.org https://lists.nongnu.org/mailman/listinfo/sks-devel
[Sks-devel] Pool for port-80 reachable keyservers?
Hi! I was talking with some folks at a GPG crashcourse / Keysigning event last week where I was asked for a pool cointaining only keyservers reachable through standard HTTP(s) ports (usefull for example behind restrictive firewalls). As far as I know no such pool exists but maybe one could be created? (though checking if port 80 is open isn't enough to see if the keyserver supports port 80 -- it could deliver a completely different site there) Regards Christoph -- 9FED 5C6C E206 B70A 5857 70CA 9655 22B9 D49A E731 Debian Developer | Lisp Hacker | CaCert Assurer ___ Sks-devel mailing list Sks-devel@nongnu.org https://lists.nongnu.org/mailman/listinfo/sks-devel
Re: [Sks-devel] Pool for port-80 reachable keyservers?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On 2012-06-11 23:58, Christoph Egger wrote: Hi! I was talking with some folks at a GPG crashcourse / Keysigning event last week where I was asked for a pool cointaining only keyservers reachable through standard HTTP(s) ports (usefull for example behind restrictive firewalls). As far as I know no such pool exists but maybe one could be created? (though checking if port 80 is open isn't enough to see if the keyserver supports port 80 -- it could deliver a completely different site there) Hi Christoph, This already exists as per [0]; p80.pool.sks-keyservers.net This is a pool containing only servers available on port 80 (needs to be used as http://p80.pool.sks-keyservers.net:80) [0] http://sks-keyservers.net/overview-of-pools.php - -- - Kristian Fiskerstrand http://www.sumptuouscapital.com Twitter: @krifisk - Corruptissima re publica plurimæ leges The greater the degeneration of the republic, the more of its laws - This email was digitally signed using the OpenPGP standard. If you want to read more about this The book: Sending Emails - The Safe Way: An introduction to OpenPGP security is now available in both Amazon Kindle and Paperback format at http://www.amazon.com/dp/B006RSG1S4/ - Public PGP key 0xE3EDFAE3 at http://www.sumptuouscapital.com/pgp/ -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.19 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQIcBAEBCAAGBQJP1nA/AAoJEBbgz41rC5UIKyQP/3y3+NRmu2kkZWRF9Mriglc0 JNKmUsB2t8nJ+1ohUF8+j73YH1dvfkqRrXKzsqfjQr80dO45v0zi2O3//ErpQvOk JWvsCvMU1fj0eTR/BW2LS/bbL/VWzHpXwCWcr1LSaFci/iXngU0oW18Z84uzLj+c AgwVq3Hq0N8Gxzazm0Jg9ysyyk1G0YJ2gOW2KQkY7V5B7z4hAotysxF8WJuYT6pa PoJfn5LcQMaI9ytaxhIFeXdqzcw/BFwxj0dHMsNmRwAeWzLAqVhHVA5QAu914D6B cFonpsNfIOAPLEL846iTq9hZTiaKjPBL94P6JcceihVAIaUNWRF8VYdnM1kM6luQ /1Hgms2+QAxWKhnwEfkiDATlsI9j1xpZIxmzp68WUR8Wm/4Gh+m9WsImzYyM4UR/ WmiFZClh7oi4CDEWpAv6B970nb+yuIZRhUwFbxnU+vZAQC20TLaW0RzkIm2Xmyem 4KoKWZn5HVb+BZdMjJ9SQioFJ+QwKGvCh+nP+v1ZPDOBcZCZQNLpxi8Rlqt4FnrA +MhGL2Rwckekvl7VtqI+Sccu128eSPL+x1T/eu6XTivNCqsoY8FcNartqgk6SNwC UnWtLFKgp61hw8JyKNYfBtQ2gFnZ8XSYHIzLNKvJQg8P5+yAtLMJMGjFKEhXOYrp 74zBnAneK2XV3guI/QrJ =0IWa -END PGP SIGNATURE- ___ Sks-devel mailing list Sks-devel@nongnu.org https://lists.nongnu.org/mailman/listinfo/sks-devel
[Sks-devel] Pool
Hi, I just want to tribute my 0,2 Cents to the pool changes from Kristian. It seems to me that we were having a way smaller difference in the total keys numbers since the recent changes. I would assume that this is an effect from the minimum version change. We've lost around 30 servers in the pool but the remaining systems should provide a rock solid and heart touching service. And yes, i borrowed that slogan from Asus ;-) To sum it up, i like the changes in that direction Kristian :-) -- Mit freundlichen Grüßen / Yours sincerely Sebastian Urbach Religion is something left over from the infancy of our intelligence, it will fade away as we adopt reason and science as our guidelines. Bertrand Arthur William Russell (1872-1970), British philosopher, logician, mathematician, historian, and social critic. signature.asc Description: PGP signature ___ Sks-devel mailing list Sks-devel@nongnu.org https://lists.nongnu.org/mailman/listinfo/sks-devel
Re: [Sks-devel] Pool website
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Am Mon, 27 Feb 2012 20:00:18 +0100 schrieb Kristian Fiskerstrand k...@sumptuouscapital.com: Hi, Thanks for the heads up, should be back up shortly. It was, but it's broken again. - -- Mit freundlichen Grüßen / Yours sincerely Sebastian Urbach - Religion is something left over from the infancy of our intelligence, it will fade away as we adopt reason and science as our guidelines. - Bertrand Arthur William Russell (1872-1970), British philosopher, logician, mathematician, historian, and social critic. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.12 (GNU/Linux) iQIcBAEBAgAGBQJPUKnVAAoJEKxH8PA7QzDevyMQAKU2hepmORLPNLZyNJDA5yv3 MzraegEkAwBpzcAPVjYhHrGNKHCrFN5vCvo23iRyCuZtQ1eqaL3XDsCz1nMwloGe G2KHg8uklulp7uegmZaiY8liG9EuOnc1RRiAWAyLqZidWl4Yn7v0rbC7HbcREUWv D3SJtQiuge3TFgYyzNTfS8skx8m6LnRadCponnZIZhsznCMKFe3yGtPlf7HAEBaA jTc6yGlosvaPIumWa1J2ii7yP3Wz4oj2FDgySKv6OBMMZxPea+nPzY9GPTvryp/5 YyWDm3XZS0s9hExmIasIH4ZFBQ0EKzoCuWCGKk69qJPsJJg9h5Y09PEbqijRQ/e5 1IDjzO9XcmBeH/CPX2+IF136fPbLRcuJRdMZ7DZhiQWMBHLuQm07RnGxb3XnYKwW F8fVJ/zkaTTViCvCdxi02wqKVjPSd0pL3BsX1wHR5ra6IUKxNIG8tdQwXaqcYkNi cT5SOqnwO9YKKBtZu7kXMYJct09LL7i8AwexTsX3aeQkBF+L23ak2tDn14lZ9JZk Fer0ePAcoEGJ2L1Zs9XS+yEP5XvOqUsgI+G1LxOPPxNo46JX6tYBq0WfvppIOUWu cO9pMA6k8Jn0DALyuHPvKh4iOLKvMSeoP79vBwbBawrD3AQsoDAnBKWlGp+sigZH 89AKFYBvoaO6MFM4BwlV =nHgn -END PGP SIGNATURE- ___ Sks-devel mailing list Sks-devel@nongnu.org https://lists.nongnu.org/mailman/listinfo/sks-devel
[Sks-devel] Pool website
Hi all, Am i missing something or is the IPv6 detection broken or is it just a problem with the pool website ? Kristian, please check it if possible. Thanks -- Mit freundlichen Grüßen / Yours sincerely Sebastian Urbach Religion is something left over from the infancy of our intelligence, it will fade away as we adopt reason and science as our guidelines. Bertrand Arthur William Russell (1872-1970), British philosopher, logician, mathematician, historian, and social critic. signature.asc Description: PGP signature ___ Sks-devel mailing list Sks-devel@nongnu.org https://lists.nongnu.org/mailman/listinfo/sks-devel
Re: [Sks-devel] Pool website
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Sebastian Urbach wrote, On 02/27/2012 11:51 AM: Hi all, Am i missing something or is the IPv6 detection broken or is it just a problem with the pool website ? Kristian, please check it if possible. Thanks for the heads up, should be back up shortly. - -- - Kristian Fiskerstrand http://www.sumptuouscapital.com Twitter: @krifisk - Nomina stultorum scribuntur ubique locorum Fools have the habit of writing their names everywhere - This email was digitally signed using the OpenPGP standard. If you want to read more about this The book: Sending Emails - The Safe Way: An introduction to OpenPGP security is now available in both Amazon Kindle and Paperback format at http://www.amazon.com/dp/B006RSG1S4/ - Public PGP key 0xE3EDFAE3 at http://www.sumptuouscapital.com/pgp/ -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.14 (GNU/Linux) iQIcBAEBCAAGBQJPS9LCAAoJEBbgz41rC5UINwoP/0EANzj1UYzFdbGn8KqrZop1 0oe8fp/w3ErMBu8PVJcuM1sbmN+kt+RtZEVYs+YA33KeM6P/9TTPdC/lAFj5N2vC JVQsPBOcLZhUfW9N8+YnSIg1/yDgb84PM+Hf9/Ou5kwZ6GTwhcbC6TjkePeVq6dW 8V/dRzl6VM3qSUKeMJAwkKkqVvQpKZpLEk+xg7BY/Y9p7mIQtfnXmzNKOQOW7sZX 3JTi0yWloGZbJTWHPKj8nh1BV0iFaxV9fYIAt796cvQVTKaue/fXKLeoaK+vT+GF AEcteVpk+lnabqU8f8CQmR15oof8cvH7iDSgsVg668GX+ROFRU7hAiiHenvQOBzl iXic1LC7yCxqfZUs0qs9GCsXcvp63az8EaJmf8UCoL5W5VNYXrJEmAk2VXuiF3NE fr/AyiD6oyIBvjaGW+SWHUk8QQnhbNxBo3HKgpVtrUmdtOPIirSMOtLmZOlHCdMl 2ENvtYLqNZpl4DCtNcAE5vQF3bX6n/gasqLDQkVkMPDNrVWfSu2Jsx0g8RM1V2MP Ai7Yph8OapdirwPi7dOzJAEr18WDcWidj/oSa9M70gD/47XK41ItN/VnPt+poH1E /V2uWM1EiwqNccHpgIBM/QVhdUQyS7nSbtBMqIMHrIr/UEA1+X83sjCfIus/aqzD yymR63EGB/1tdcJTW8Wq =bSsQ -END PGP SIGNATURE- ___ Sks-devel mailing list Sks-devel@nongnu.org https://lists.nongnu.org/mailman/listinfo/sks-devel
[Sks-devel] Pool statistics not parsing 1.1.2's stats pages anymore
Hi Kristian. It seems the parser for the keyserver statistics pages doesn't grok the output from the new version anymore. The SKS servers running version 1.1.2 don't show any peers: http://sks-keyservers.net/status/info/sks.keyservers.net http://sks-keyservers.net/status/info/keyserver.gingerbear.net http://sks-keyservers.net/status/info/schluesseldienst.hauke-lampe.de Version 1.1.1 looks fine: http://sks-keyservers.net/status/info/keyserver.ccc-hanau.de The keyserver table has new summary attributes in the table tags. Maybe that's what irritates the parser: table summary=Keyserver Peers width=100% tr valign=toptd h2Gossip Peers/h2 table summary=Gossip Peers The output from version 1.1.1: table width=100% tr valign=TOPtd h2Gossip Peers/h2 table Hauke. signature.asc Description: OpenPGP digital signature ___ Sks-devel mailing list Sks-devel@nongnu.org https://lists.nongnu.org/mailman/listinfo/sks-devel
Re: [Sks-devel] Pool statistics not parsing 1.1.2's stats pages anymore
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Hauke Lampe wrote, On 09/23/2011 09:20 PM: Hi Kristian. It seems the parser for the keyserver statistics pages doesn't grok the output from the new version anymore. Thanks for the heads up, hopefully fixed now in r56 - -- - Kristian Fiskerstrand kristian.fiskerstr...@sumptuouscapital.com http://www.sumptuouscapital.com - Nosce te ipsum! Know thyself! - This email was digitally signed using the OpenPGP standard. If you want to read more about this, visit: http://www.secure-my-email.com - Public PGP key 0xE3EDFAE3 at http://www.sumptuouscapital.com/pgp/ -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.14 (GNU/Linux) iQIcBAEBCAAGBQJOfOatAAoJEBbgz41rC5UIr8EP/j286e2K5R1KBJNaqy2Mma68 15N5duVrcFeBpBoULTHaVGSJlVQxEj4cUwGn5qNjJCHAiotEYq7rEVU+STanS0ux PQTj0M6gn8UQwlVxAQnC5KHpvqNMUhcAbxQRGwCSVb4/DlaEHdoiFBiK4w2H/y9F Ujb6Rs+yXh6FmanJmrrvqdl2e9qrVv4Yr9Qm1KLwV6SCHDA5VPSsILJj5H9bCmb9 cSWjNkTLHAlRggZiMkdlgf/YDy5xHlgkFtb4wkPQgvnOv6uVYWHgZWjCynSD/idV D3U7jfmF672khXzrd/CaaPr3aOR68c2hjmdHBTYOl7C7ANtS+7GxYyqqPPqcgeek d4FmOnvDeA4YmzC7AeNpirWluN+3J45CDLY8223tlpbr8TKMXlDRxuiDZ7lL0e/s jtip0vwDNaS81lQpEpxgp6GnbUJDCIV1SilNQNmFGC8r1Af3ZO27WpepOnq8BbGl RIl8NBt36m8vvijtIRup2nBEQPXNcaCet3hPJA3lZ9AXVFkl2wznq6lrcwQVxOsC eJhcYhttpi6tACXEjPH3Qq9MZnQPjsdw4+phna2WP4PWfoxQIf0sDRlqiojPEl7K etQMn1QNJ6lvfQLWM56lc0wy8aXuT3aHlfpBHa7PwtAFmNdYFLPinhGD5n6CyZpu z9cE6ZLYwlfylMakfAF9 =XBLk -END PGP SIGNATURE- ___ Sks-devel mailing list Sks-devel@nongnu.org https://lists.nongnu.org/mailman/listinfo/sks-devel
Re: [Sks-devel] Pool statistics not parsing 1.1.2's stats pages anymore
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1,SHA256 Hauke Lampe wrote: Hi Kristian. It seems the parser for the keyserver statistics pages doesn't grok the output from the new version anymore. The SKS servers running version 1.1.2 don't show any peers: http://sks-keyservers.net/status/info/sks.keyservers.net http://sks-keyservers.net/status/info/keyserver.gingerbear.net http://sks-keyservers.net/status/info/schluesseldienst.hauke-lampe.de Version 1.1.1 looks fine: http://sks-keyservers.net/status/info/keyserver.ccc-hanau.de The keyserver table has new summary attributes in the table tags. Maybe that's what irritates the parser: table summary=Keyserver Peers width=100% tr valign=toptd h2Gossip Peers/h2 table summary=Gossip Peers The output from version 1.1.1: table width=100% tr valign=TOPtd h2Gossip Peers/h2 table I noticed this on Gabor's post about NebrWesleyan.edu's cross-peering, but was busy with another problem. I just figured the parser was choking on being fed well-formed HTML :-) and Kristian would eventually get it fixed. Anyone else parsing stats or other SKS output should also take notice that 1.1.2's generated HTML passes XHTML 1.0 Strict now. - -John - -- John P. Clizbe Inet: John ( a ) Mozilla DAWT net FSF Assoc #995 / FSFE Fellow #1797 hkp://keyserver.gingerbear.net or mailto:pgp-public-k...@gingerbear.net?subject=HELP Raise your hand if you know someone who is alive only because you did not want to spend time in jail -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.12-svn5502-2010-12-23 (Windows XP) Comment: When cryptography is outlawed, bayl bhgynjf jvyy unir cevinpl! Comment: Be part of the £33 ECHELON -- Use Strong Encryption. Comment: It's YOUR right - for the time being. Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQEcBAEBAgAGBQJOfPE4AAoJECMTMVxDW9A0k8sH/iLNni65D7NEMt1T404Ah8ov u3sFZU5rcVTre+RglDnSxkgOmTTMc+vEUARktCLbegtYbmoLjx2PJaXJIZ2tc3cG tY7JAK4F9GyTfKTXmyee38QcX2N43vqIdCE+h1/Qj7kYll9J6XMCWBTwAwzmU/bA H4AERUeuqfCPcmR3F02EV/EDb0YWZ2ScKb00nkw6CujFf0K3R565OuNGILYhxtS8 fWBs43cpzoI1hBvwO/caJ43N/QaZtDRO4zrR/YSFJpYwYVicK6zq2PljrVpaC8CG jP5zGMYzqhz48MEgcpi8hAzyaeko3cAUU5d+gGIINRfUPWp83GKGiqJTtnhY3UyI XgQBEQgABgUCTnzxOAAKCRDrXhnz1laYJa5QAP4jBVHtom6FF8UeLIooqlBgf+18 HLDyPy8PUhNscpvFowD/WCqdozUehOsZrfSBrwhS8RtIbWsTCXpEDmd9n1OphEE= =wOsl -END PGP SIGNATURE- ___ Sks-devel mailing list Sks-devel@nongnu.org https://lists.nongnu.org/mailman/listinfo/sks-devel