Re: [Sks-devel] Pool management is broken

[Martin Dobrev]

Hi,
I've checked both my servers keyserver.dobrev.[eu,it] and they seem fine and 
in-sync in terms of amount of keys yet they're listed as unavailable so I 
wonder what's the reason for that. 

Regards,Martin
P.S. the message is not signed because I'm sending it from my mobile


Sent from my Samsung Galaxy S9 - Powered by Three
 Original message From: "Kiss Gabor (Bitman)" 
 Date: 27/06/2018  04:56  (GMT+00:00) To: 
sks-devel@nongnu.org Subject: [Sks-devel] Pool management is broken 
Page https://sks-keyservers.net/status/ is (almost) empty.

Gabor

___
Sks-devel mailing list
Sks-devel@nongnu.org
https://lists.nongnu.org/mailman/listinfo/sks-devel
___
Sks-devel mailing list
Sks-devel@nongnu.org
https://lists.nongnu.org/mailman/listinfo/sks-devel

[Sks-devel] Pool management is broken

[Kiss Gabor (Bitman)]

Page https://sks-keyservers.net/status/ is (almost) empty.

Gabor

___
Sks-devel mailing list
Sks-devel@nongnu.org
https://lists.nongnu.org/mailman/listinfo/sks-devel

Re: [Sks-devel] pool status page, not recognizing hkps

[Kiss Gabor (Bitman)]

On Tue, 5 Jun 2018, Phil Pennock wrote:

> https://bitbucket.org/skskeyserver/sks-keyserver/wiki/TLS%20Configuration
> 
> I've updated it to be clearer about the need for manual action to join
> the pool and to link to the instructions for doing so.

| In practice, there's one well-run HKPS pool, which has pretty much defined
| the semantics of HKP/TLS operation. This is run by Kristian Fiskerstrand in
| Norway, and details of that pool's root CA are available at
| https://sks-keyservers.net/verify_tls.php. To have your server join this
| pool, read https://sks-keyservers.net/overview-of-pools.php#pool_hkps and
| follow the instructions there.

The only problem that Kristian has no time to care with certificate requests.
We should talk about an other way of establishing HKPS pool.

Gabor

___
Sks-devel mailing list
Sks-devel@nongnu.org
https://lists.nongnu.org/mailman/listinfo/sks-devel

Re: [Sks-devel] pool status page, not recognizing hkps

[Phil Pennock]

On 2018-06-05 at 02:53 +0200, Paul Neuwirth wrote:
> my keyserver keyserver.swabian.net has also hkps enabled on port=20
> 443 since several months now.
> But in the pool status page I do not see hkps enabled.
> Do I miss a DNS entry? or is something different wrong with my setup?

https://bitbucket.org/skskeyserver/sks-keyserver/wiki/TLS%20Configuration

I've updated it to be clearer about the need for manual action to join
the pool and to link to the instructions for doing so.

-Phil

___
Sks-devel mailing list
Sks-devel@nongnu.org
https://lists.nongnu.org/mailman/listinfo/sks-devel

Re: [Sks-devel] pool status page, not recognizing hkps

[Moritz Wirth]

This is a pool containing only servers available using hkps. Regular A
and  and SRV records are included for port 443 servers, and a lookup
is performed for _pgpkey-https._tcp on the individual servers to
determine if a hkps enabled service is listening on another port. At
this point, however, servers not running on port 443 are not included.
This pool only include servers that have been certified by the
sks-keyservers.net CA, of which the certificate can be found at
https://sks-keyservers.net/sks-keyservers.netCA.pem

https://sks-keyservers.net/overview-of-pools.php

Am 05.06.18 um 02:53 schrieb Paul Neuwirth:
> This is an OpenPGP/MIME signed message (RFC2440, RFC3156).
>
> --=_MIME_CONTENT_BREAK_=_ESYVDRXTTLZGFRUADUKXAUICTLNKCYC_=
> Content-Type: text/plain; charset="utf-8"
> Content-Disposition: inline; filename="message.txt"
> Content-Transfer-Encoding: quoted-printable
>
> Hello,
>
> my keyserver keyserver.swabian.net has also hkps enabled on port=20
> 443 since several months now.
> But in the pool status page I do not see hkps enabled.
> Do I miss a DNS entry? or is something different wrong with my setup?
>
> Thank you
>
> Paul
>
> --=_MIME_CONTENT_BREAK_=_ESYVDRXTTLZGFRUADUKXAUICTLNKCYC_=
> Content-Type: application/pgp-signature
> Content-Disposition: attachment; filename="signature.asc"
>
> -BEGIN PGP SIGNATURE-
> Version: GnuPG v2
> Comment: Topal (http://freshmeat.net/projects/topal)
>
> iQIcBAEBAgAGBQJbFd77AAoJEIiaa+Y8YDPu2JgQAKevlE0EZ7TuZWZ/sy6/jUS4
> pxkUXqXvEMaQ+J+5BcudZuoi81Owp4HZO/iV3gCTAgJdMo7Dc46eebI0BQyxxqTj
> dn/xU7GwEzW8m+oFa2ylxrtB5DWLvyubgiUrzExFSCftJJ7mCfsUbkhqqtKxT9Cm
> gi9Zy0EYQ3/q/fEDRALhyv9iPJ+mCjtJrgf9bYcFEONcDdo7OmZBKneilIDGnh19
> ITBvm2Cx6Bh5f6Hx3kyvTPRxy5yP29KHJY7Eqdj98IjBAQ+FzNNrjXImqfx/9MkG
> aVmg8g8I8fjTGk+dshkXyn83CS/BbZ0rgO0hKp5a+LQQPDUtQQt6ghL+NOsEIa1C
> w3g4B+hvRJjxpJOvqgod8Up4iI9W69u8V94CshBJYaZM/Qg9oDFtWP0Tiblu1Wm4
> Ns/05yBHY3JRYnplbl2xlVt22Cw51h9R25mNpej+35a/qYxNn0HEPOhJkUw6FEbD
> nXwu88y4kiPhK7dn/jGVcTwskEDeOTnHNbBCvCQ+7p1os7L13FLHkgI2clpl88lT
> DIINCgi45/Un4Wiqsltoos6KVXr/RsIdrbhx/GDJErUwe6lZ/oqpFN4pCd9oen6Z
> PSC6xlBNWQYwr4DEoaX+O7xNggkp+TBij/PQWuu0MufQSoZjPBy7WEg33MlmzheO
> mt/9okUPD1GOe2gMyTc9
> =d8lS
> -END PGP SIGNATURE-
>
> --=_MIME_CONTENT_BREAK_=_ESYVDRXTTLZGFRUADUKXAUICTLNKCYC_=--
>
> ___
> Sks-devel mailing list
> Sks-devel@nongnu.org
> https://lists.nongnu.org/mailman/listinfo/sks-devel




signature.asc
Description: OpenPGP digital signature
___
Sks-devel mailing list
Sks-devel@nongnu.org
https://lists.nongnu.org/mailman/listinfo/sks-devel

[Sks-devel] pool status page, not recognizing hkps

[Paul Neuwirth]

This is an OpenPGP/MIME signed message (RFC2440, RFC3156).

--=_MIME_CONTENT_BREAK_=_ESYVDRXTTLZGFRUADUKXAUICTLNKCYC_=
Content-Type: text/plain; charset="utf-8"
Content-Disposition: inline; filename="message.txt"
Content-Transfer-Encoding: quoted-printable

Hello,

my keyserver keyserver.swabian.net has also hkps enabled on port=20
443 since several months now.
But in the pool status page I do not see hkps enabled.
Do I miss a DNS entry? or is something different wrong with my setup?

Thank you

Paul

--=_MIME_CONTENT_BREAK_=_ESYVDRXTTLZGFRUADUKXAUICTLNKCYC_=
Content-Type: application/pgp-signature
Content-Disposition: attachment; filename="signature.asc"

-BEGIN PGP SIGNATURE-
Version: GnuPG v2
Comment: Topal (http://freshmeat.net/projects/topal)

iQIcBAEBAgAGBQJbFd77AAoJEIiaa+Y8YDPu2JgQAKevlE0EZ7TuZWZ/sy6/jUS4
pxkUXqXvEMaQ+J+5BcudZuoi81Owp4HZO/iV3gCTAgJdMo7Dc46eebI0BQyxxqTj
dn/xU7GwEzW8m+oFa2ylxrtB5DWLvyubgiUrzExFSCftJJ7mCfsUbkhqqtKxT9Cm
gi9Zy0EYQ3/q/fEDRALhyv9iPJ+mCjtJrgf9bYcFEONcDdo7OmZBKneilIDGnh19
ITBvm2Cx6Bh5f6Hx3kyvTPRxy5yP29KHJY7Eqdj98IjBAQ+FzNNrjXImqfx/9MkG
aVmg8g8I8fjTGk+dshkXyn83CS/BbZ0rgO0hKp5a+LQQPDUtQQt6ghL+NOsEIa1C
w3g4B+hvRJjxpJOvqgod8Up4iI9W69u8V94CshBJYaZM/Qg9oDFtWP0Tiblu1Wm4
Ns/05yBHY3JRYnplbl2xlVt22Cw51h9R25mNpej+35a/qYxNn0HEPOhJkUw6FEbD
nXwu88y4kiPhK7dn/jGVcTwskEDeOTnHNbBCvCQ+7p1os7L13FLHkgI2clpl88lT
DIINCgi45/Un4Wiqsltoos6KVXr/RsIdrbhx/GDJErUwe6lZ/oqpFN4pCd9oen6Z
PSC6xlBNWQYwr4DEoaX+O7xNggkp+TBij/PQWuu0MufQSoZjPBy7WEg33MlmzheO
mt/9okUPD1GOe2gMyTc9
=d8lS
-END PGP SIGNATURE-

--=_MIME_CONTENT_BREAK_=_ESYVDRXTTLZGFRUADUKXAUICTLNKCYC_=--

___
Sks-devel mailing list
Sks-devel@nongnu.org
https://lists.nongnu.org/mailman/listinfo/sks-devel

Re: [Sks-devel] pool for Africa?

[Hendrik Visage]

> On 06 Feb. 2018, at 18:53 , Andrew Gallagher  wrote:
> 
> On 06/02/18 16:45, Hendrik Visage wrote:
>> Good day,
>> 
>>  As I’m busy setting up and deploying SKS servers at INX)ZA sites (three
>> at present) and some of the other African peering points, the question
>> arose: how many servers would be needed to make a sensible pool for Africa?
> 
> There is an inbuilt assumption here, which is that "Africa" is a
> meaningful division in the first place. In the world of network
> topology, many African countries - particularly in the north - are
> better connected to Europe than they are to their African neighbours…

Granted, for the North then the eu.pool would be more appropriate :)

Thus, perhaps I should then re-phrase: “A southern and  eastern Africa pool”
The group that I envisage to be part of that pool, have usually reasonable 
inter connections, and the deployments are to be at INXs, and at minimum 
intra-peering within these servers at the INXs.



signature.asc
Description: Message signed with OpenPGP
___
Sks-devel mailing list
Sks-devel@nongnu.org
https://lists.nongnu.org/mailman/listinfo/sks-devel

Re: [Sks-devel] pool for Africa?

[Andrew Gallagher]

On 06/02/18 16:45, Hendrik Visage wrote:
> Good day,
> 
>  As I’m busy setting up and deploying SKS servers at INX)ZA sites (three
> at present) and some of the other African peering points, the question
> arose: how many servers would be needed to make a sensible pool for Africa?

There is an inbuilt assumption here, which is that "Africa" is a
meaningful division in the first place. In the world of network
topology, many African countries - particularly in the north - are
better connected to Europe than they are to their African neighbours...

-- 
Andrew Gallagher



signature.asc
Description: OpenPGP digital signature
___
Sks-devel mailing list
Sks-devel@nongnu.org
https://lists.nongnu.org/mailman/listinfo/sks-devel

[Sks-devel] pool for Africa?

[Hendrik Visage]

Good day,

 As I’m busy setting up and deploying SKS servers at INX)ZA sites (three at 
present) and some of the other African peering points, the question arose: how 
many servers would be needed to make a sensible pool for Africa?

---
Hendrik Visage
HeViS.Co Systems Pty Ltd
T/A Envisage Systems / Envisage Cloud Solutions
+27-84-612-5345 or +27-21-945-1192
hvis...@envisage.co.za





signature.asc
Description: Message signed with OpenPGP
___
Sks-devel mailing list
Sks-devel@nongnu.org
https://lists.nongnu.org/mailman/listinfo/sks-devel

Re: [Sks-devel] pool membership

[Danny Horne]

On 04/10/2016 3:43 am, Brian Minton wrote:
> How often do the scripts re-scan a host?


Every hour (when it's up ;) )



signature.asc
Description: OpenPGP digital signature
___
Sks-devel mailing list
Sks-devel@nongnu.org
https://lists.nongnu.org/mailman/listinfo/sks-devel

Re: [Sks-devel] pool membership

[Antony Prince]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

On October 3, 2016 10:43:21 PM EDT, Brian Minton  wrote:
>-BEGIN PGP SIGNED MESSAGE-
>Hash: SHA256
>
>How often do the scripts re-scan a host?
>-BEGIN PGP SIGNATURE-
>
>iF4EARYIAAYFAlfzFykACgkQN7lQes/yAW5RagD/bKOs7soR7zuhJjghWMVLGMC7
>F/0rReQ2WRcaVXbzCpEBANwwNLi2L+nAI3N0lIraBcnq7jWHD8nhL6eeWEYpJfcO
>iF4EAREIAAYFAlfzFykACgkQa46zoGXPuqm0TQD/WJBMrWtLTlNUw4BIoKsyNjRa
>5HXJ75axP9X9OqSK08oA/1wrbHPIfQN6U6GerHlkh2N9sLMc9Z8x67mv8WOoZKDf
>=MEs+
>-END PGP SIGNATURE-
>
>___
>Sks-devel mailing list
>Sks-devel@nongnu.org
>https://lists.nongnu.org/mailman/listinfo/sks-devel

I think it's once per hour IIRC. Been a while since my server was up, so I 
might be wrong on that one.
-BEGIN PGP SIGNATURE-

iQJCBAEBCgAsJRxBbnRvbnkgUHJpbmNlIDxhbnRvbnlAYmxhenJzb2Z0LmNvbT4F
AlfzIC0ACgkQrz1AhzAbGxlGrhAAoxo/Yjgxkr9FQgrIKvljzEmgGYedwbFxe7BG
F8t2HrpXjzny0qBCT3nZP9xVC7ADOu8zfj+crShFloIPCAYNhOU/2rU2/MtWgdfJ
8qzmw6q0XTx70boCxxy6WLuc5/wrWPcVs/oBaS425Jy1FEU0inX0l/YGPxejWIw2
+UXWLtN49tFGc++LNK4XKtCW2C+pjHVNdqYRkj2x/HsyBKwHh+pWvmwUlTg31Up5
W4LJ0zsySQpkOuheDjmJlsSNN1kxxh4MvbAbzQzIm5mwvwr7xxGI1WFizgsyce0J
/eo/ffVP3ScWRpxkCMyJJ9ZSgmbVxBwm754gdcVQHJz2Q9l6YLCO2aa6shLE8X3E
AsaDKOFj1BuNo9oFReDODb+2fggimjfarG+fwJlTvAF9Mcjxq2QXQW2l6WQmeNDn
qG5kcgfdLtaQPQFS+LyMEnFySBVaGZTyHnGpuQQO1hQKnHs1wfziR3sozGHDGvbD
2Rql6R1F5nDI4wHzGiJDcCboDj0gUx2kg29gDqt31//+9X6U1QP57Wt/HHl5qKXf
VeUx4Vu/2mQYiYLjC9dZLyP9g45khB6mfq5zZbgHww4nrDNnGlXKq8QADD+SaPrk
HN74CQD6lR4uN30UUKaaxNcvj47SKjAzjnB3wiMeA+zbx8IvbC+b0W/wh3gwxDZY
7oM11Os=
=79Nc
-END PGP SIGNATURE-


___
Sks-devel mailing list
Sks-devel@nongnu.org
https://lists.nongnu.org/mailman/listinfo/sks-devel

Re: [Sks-devel] pool membership

[Brian Minton]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

How often do the scripts re-scan a host?
-BEGIN PGP SIGNATURE-

iF4EARYIAAYFAlfzFykACgkQN7lQes/yAW5RagD/bKOs7soR7zuhJjghWMVLGMC7
F/0rReQ2WRcaVXbzCpEBANwwNLi2L+nAI3N0lIraBcnq7jWHD8nhL6eeWEYpJfcO
iF4EAREIAAYFAlfzFykACgkQa46zoGXPuqm0TQD/WJBMrWtLTlNUw4BIoKsyNjRa
5HXJ75axP9X9OqSK08oA/1wrbHPIfQN6U6GerHlkh2N9sLMc9Z8x67mv8WOoZKDf
=MEs+
-END PGP SIGNATURE-

___
Sks-devel mailing list
Sks-devel@nongnu.org
https://lists.nongnu.org/mailman/listinfo/sks-devel

Re: [Sks-devel] pool membership

[Kristian Fiskerstrand]

On 10/03/2016 11:22 PM, Kristian Fiskerstrand wrote:
> On 10/03/2016 11:07 PM, Michael Jones wrote:
>> Or perhaps this would be more appropriate as a possible future feature
>> of the sks keyserver source?
> 
> The underlying issue was non-gossiping of the particular server, not
> something related to SKS per se (in this case caused by wrong config for
> /pks/hashquery POST (HTTP/1.1 502 Proxy Error)  requests on the reported
> HTTP port as communicated with the operator)
> 

You see the results of this in the [key development charts] btw, the
server got hit with high number of keys, not gossipping it to the rest
of the network so it got the max key count of the day. Then server
dropped out for various reasons, resulting in negative growth, then
showed up again... and bouncy bounce..

References:
[key development charts]
https://sks-keyservers.net/status/key_development.php
-- 

Kristian Fiskerstrand
Blog: https://blog.sumptuouscapital.com
Twitter: @krifisk

Public OpenPGP keyblock at hkp://pool.sks-keyservers.net
fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3

"A ship is safe in harbour, but that's not what ships are for"
(Will Shedd)



signature.asc
Description: OpenPGP digital signature
___
Sks-devel mailing list
Sks-devel@nongnu.org
https://lists.nongnu.org/mailman/listinfo/sks-devel

Re: [Sks-devel] pool membership

[Kristian Fiskerstrand]

On 10/03/2016 11:07 PM, Michael Jones wrote:
> Or perhaps this would be more appropriate as a possible future feature
> of the sks keyserver source?

The underlying issue was non-gossiping of the particular server, not
something related to SKS per se (in this case caused by wrong config for
/pks/hashquery POST (HTTP/1.1 502 Proxy Error)  requests on the reported
HTTP port as communicated with the operator)

-- 

Kristian Fiskerstrand
Blog: https://blog.sumptuouscapital.com
Twitter: @krifisk

Public OpenPGP keyblock at hkp://pool.sks-keyservers.net
fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3

"A ship is safe in harbour, but that's not what ships are for"
(Will Shedd)



signature.asc
Description: OpenPGP digital signature
___
Sks-devel mailing list
Sks-devel@nongnu.org
https://lists.nongnu.org/mailman/listinfo/sks-devel

Re: [Sks-devel] pool membership

[Michael Jones]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

On 03/10/16 21:44, Valentin Sundermann wrote:
>> However, my key server,
>>> keyserver.brian.minton.name, does not appear in the pool status
>>> page. Not even in the "Servers currently not in the pool"
>>> section.  I thought it would automatically show up.  Any
>>> thoughts?
> Your keyserver is on the exclusion list at Kristian's scanner[1].
> I think when somebody uploaded the cloned strong set to the
> keyserver network[2], it was your server which got hit with it. 
> These issues should be over and so I guess Kristian will remove you
> from this list when he reads it.
> 
> Best regards, Valentin

Interesting,

Would it be of any value to introduce rate limiting on my set? maybe
limit an ip after 100 new keys in 30 mins?

(Lots of southern europe isp's nat through a single ip), so whatever
the trigger limit it would have to be a high one. Once the initial
trigger is hit it would be able to either slow down or disable
uploading of keys from that ip for said time period.

Even coming over tor or another distributed network to spam the
service would cause a headache?

Is there any value in looking into this?

Or perhaps this would be more appropriate as a possible future feature
of the sks keyserver source?

Whatever the solution would need to be easily implemented on all peers.

Just some thoughts...

Kind Regards,
Mike
-BEGIN PGP SIGNATURE-
Version: GnuPG v2

iQEcBAEBCAAGBQJX8siVAAoJEOYwtpHNe8FmrQAH/iE0rsKLztModP7rnBd07C3e
PTppzo+WHRskyPrJ8AzAYeG9xvX4rQibYsjjX9+KHbZDx5D1p/q45icYivEnoxSy
Y3AaM5BfPI5Cw+MHwVgEhd13NvwQojRyjqp1XGOb4+Nu+dlf38ejuyLxK0/fDTkX
wgmbER7ItPVABZJPA7FgXH+sfJZyjl0U47BiaJ4pUMyUzXVUpHC7NkH3due84Ip8
QWmisJ15h2rKjSwQpLaB2QUlgwFcV3bywRcR4+K7MMC/sdmk2ugC4JFbxcq9qOjO
Qu8i/xRo4qRjok4EnbS5O188bUznccmTIwY6mNH70zOUHQv1BVm/eOjCvq8MDbY=
=ZV6l
-END PGP SIGNATURE-

___
Sks-devel mailing list
Sks-devel@nongnu.org
https://lists.nongnu.org/mailman/listinfo/sks-devel

Re: [Sks-devel] pool membership

[Valentin Sundermann]

> However, my key server,
> keyserver.brian.minton.name, does not appear in the pool status page. Not even
> in the "Servers currently not in the pool" section.  I thought it would
> automatically show up.  Any thoughts?
Your keyserver is on the exclusion list at Kristian's scanner[1]. I
think when somebody uploaded the cloned strong set to the keyserver
network[2], it was your server which got hit with it.
These issues should be over and so I guess Kristian will remove you from
this list when he reads it.

Best regards,
Valentin


[1]
https://git.sumptuouscapital.com/?p=sks-keyservers-pool.git;a=commit;h=09bdbef727a2694ae6df399736aaa4656cbeffee
[2] https://lists.nongnu.org/archive/html/sks-devel/2016-08/msg00019.html



signature.asc
Description: OpenPGP digital signature
___
Sks-devel mailing list
Sks-devel@nongnu.org
https://lists.nongnu.org/mailman/listinfo/sks-devel

Re: [Sks-devel] pool membership

[Kristian Fiskerstrand]

On 10/03/2016 10:33 PM, Brian Minton wrote:
> Now that I've cleaned out my membership file, and I'm gossiping with all my
> peers, I seem to have caught up with the pool.  However, my key server,
> keyserver.brian.minton.name, does not appear in the pool status page. Not even
> in the "Servers currently not in the pool" section.  I thought it would
> automatically show up.  Any thoughts?

Removed it from exclude list..

-- 

Kristian Fiskerstrand
Blog: https://blog.sumptuouscapital.com
Twitter: @krifisk

Public OpenPGP keyblock at hkp://pool.sks-keyservers.net
fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3

"A committee is a group that keeps minutes and loses hours."
(Milton Berle)



signature.asc
Description: OpenPGP digital signature
___
Sks-devel mailing list
Sks-devel@nongnu.org
https://lists.nongnu.org/mailman/listinfo/sks-devel

[Sks-devel] pool membership

[Brian Minton]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Now that I've cleaned out my membership file, and I'm gossiping with all my
peers, I seem to have caught up with the pool.  However, my key server,
keyserver.brian.minton.name, does not appear in the pool status page. Not even
in the "Servers currently not in the pool" section.  I thought it would
automatically show up.  Any thoughts?

thanks,
- -- 
Brian Minton
brian at minton dot name http://brian.minton.name
Live long, and prosper longer!
OpenPGP fingerprint = 8213 71DD 4665 CF4F AE20  2206 0424 DC19 B678 A1A9
-BEGIN PGP SIGNATURE-

iF4EARYIAAYFAlfywG8ACgkQN7lQes/yAW4JlwD/YRaLarjacAPEcAbuxn7bDGoz
M2q5I3h4VyVlDVb4Bs0BALBmSoAx8L1skSn3USBgLvJGnzUlVQ8LDRAUGxW+KmME
iF4EAREIAAYFAlfywHUACgkQa46zoGXPuqmSZQD/QN9gbf+KKDqEqAEz8vC4SM1S
54/LIOjjoGv4PnKjDnEA/2HAVyE+cnHYtYYNFGTa7bPJVo98C0XSciurDU+GWUy5
=DqPM
-END PGP SIGNATURE-

___
Sks-devel mailing list
Sks-devel@nongnu.org
https://lists.nongnu.org/mailman/listinfo/sks-devel

[Sks-devel] Pool for port-80 reachable keyservers?

[Christoph Egger]

Hi!

  I was talking with some folks at a GPG crashcourse / Keysigning event
last week where I was asked for a pool cointaining only keyservers
reachable through standard HTTP(s) ports (usefull for example behind
restrictive firewalls). As far as I know no such pool exists but maybe
one could be created? (though checking if port 80 is open isn't enough
to see if the keyserver supports port 80 -- it could deliver a
completely different site there)

Regards

Christoph
-- 
9FED 5C6C E206 B70A 5857  70CA 9655 22B9 D49A E731
Debian Developer | Lisp Hacker | CaCert Assurer

___
Sks-devel mailing list
Sks-devel@nongnu.org
https://lists.nongnu.org/mailman/listinfo/sks-devel

Re: [Sks-devel] Pool for port-80 reachable keyservers?

[Kristian Fiskerstrand]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

On 2012-06-11 23:58, Christoph Egger wrote:
 Hi!
 
 I was talking with some folks at a GPG crashcourse / Keysigning
 event last week where I was asked for a pool cointaining only
 keyservers reachable through standard HTTP(s) ports (usefull for
 example behind restrictive firewalls). As far as I know no such
 pool exists but maybe one could be created? (though checking if
 port 80 is open isn't enough to see if the keyserver supports port
 80 -- it could deliver a completely different site there)
 

Hi Christoph,

This already exists as per [0]; p80.pool.sks-keyservers.net

This is a pool containing only servers available on port 80 (needs to
be used as http://p80.pool.sks-keyservers.net:80)

[0] http://sks-keyservers.net/overview-of-pools.php

- -- 
- 
Kristian Fiskerstrand
http://www.sumptuouscapital.com
Twitter: @krifisk
- 
Corruptissima re publica plurimæ leges
The greater the degeneration of the republic, the more of its laws
- 
This email was digitally signed using the OpenPGP
standard. If you want to read more about this
The book: Sending Emails - The Safe Way: An
introduction to OpenPGP security is now
available in both Amazon Kindle and Paperback
format at
http://www.amazon.com/dp/B006RSG1S4/
- 
Public PGP key 0xE3EDFAE3 at http://www.sumptuouscapital.com/pgp/
-BEGIN PGP SIGNATURE-
Version: GnuPG v2.0.19 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQIcBAEBCAAGBQJP1nA/AAoJEBbgz41rC5UIKyQP/3y3+NRmu2kkZWRF9Mriglc0
JNKmUsB2t8nJ+1ohUF8+j73YH1dvfkqRrXKzsqfjQr80dO45v0zi2O3//ErpQvOk
JWvsCvMU1fj0eTR/BW2LS/bbL/VWzHpXwCWcr1LSaFci/iXngU0oW18Z84uzLj+c
AgwVq3Hq0N8Gxzazm0Jg9ysyyk1G0YJ2gOW2KQkY7V5B7z4hAotysxF8WJuYT6pa
PoJfn5LcQMaI9ytaxhIFeXdqzcw/BFwxj0dHMsNmRwAeWzLAqVhHVA5QAu914D6B
cFonpsNfIOAPLEL846iTq9hZTiaKjPBL94P6JcceihVAIaUNWRF8VYdnM1kM6luQ
/1Hgms2+QAxWKhnwEfkiDATlsI9j1xpZIxmzp68WUR8Wm/4Gh+m9WsImzYyM4UR/
WmiFZClh7oi4CDEWpAv6B970nb+yuIZRhUwFbxnU+vZAQC20TLaW0RzkIm2Xmyem
4KoKWZn5HVb+BZdMjJ9SQioFJ+QwKGvCh+nP+v1ZPDOBcZCZQNLpxi8Rlqt4FnrA
+MhGL2Rwckekvl7VtqI+Sccu128eSPL+x1T/eu6XTivNCqsoY8FcNartqgk6SNwC
UnWtLFKgp61hw8JyKNYfBtQ2gFnZ8XSYHIzLNKvJQg8P5+yAtLMJMGjFKEhXOYrp
74zBnAneK2XV3guI/QrJ
=0IWa
-END PGP SIGNATURE-


___
Sks-devel mailing list
Sks-devel@nongnu.org
https://lists.nongnu.org/mailman/listinfo/sks-devel

[Sks-devel] Pool

[Sebastian Urbach]

Hi,

I just want to tribute my 0,2 Cents to the pool changes from Kristian.
It seems to me that we were having a way smaller difference in
the total keys numbers since the recent changes.

I would assume that this is an effect from the minimum version
change. We've lost around 30 servers in the pool but the
remaining systems should provide a rock solid and heart touching
service. And yes, i borrowed that slogan from Asus ;-)

To sum it up, i like the changes in that direction Kristian :-)  

-- 
Mit freundlichen Grüßen / Yours sincerely

Sebastian Urbach


Religion is something left over from the infancy of
our intelligence, it will fade away as we adopt
reason and science as our guidelines.


Bertrand Arthur William Russell (1872-1970),
British philosopher, logician, mathematician,
historian, and social critic.


signature.asc
Description: PGP signature
___
Sks-devel mailing list
Sks-devel@nongnu.org
https://lists.nongnu.org/mailman/listinfo/sks-devel

Re: [Sks-devel] Pool website

[Sebastian Urbach]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Am Mon, 27 Feb 2012 20:00:18 +0100
schrieb Kristian Fiskerstrand k...@sumptuouscapital.com:

Hi,

 Thanks for the heads up, should be back up shortly.

It was, but it's broken again.

- -- 
Mit freundlichen Grüßen / Yours sincerely

Sebastian Urbach

- 
Religion is something left over from the infancy of
our intelligence, it will fade away as we adopt
reason and science as our guidelines.
- 

Bertrand Arthur William Russell (1872-1970),
British philosopher, logician, mathematician,
historian, and social critic.
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.12 (GNU/Linux)

iQIcBAEBAgAGBQJPUKnVAAoJEKxH8PA7QzDevyMQAKU2hepmORLPNLZyNJDA5yv3
MzraegEkAwBpzcAPVjYhHrGNKHCrFN5vCvo23iRyCuZtQ1eqaL3XDsCz1nMwloGe
G2KHg8uklulp7uegmZaiY8liG9EuOnc1RRiAWAyLqZidWl4Yn7v0rbC7HbcREUWv
D3SJtQiuge3TFgYyzNTfS8skx8m6LnRadCponnZIZhsznCMKFe3yGtPlf7HAEBaA
jTc6yGlosvaPIumWa1J2ii7yP3Wz4oj2FDgySKv6OBMMZxPea+nPzY9GPTvryp/5
YyWDm3XZS0s9hExmIasIH4ZFBQ0EKzoCuWCGKk69qJPsJJg9h5Y09PEbqijRQ/e5
1IDjzO9XcmBeH/CPX2+IF136fPbLRcuJRdMZ7DZhiQWMBHLuQm07RnGxb3XnYKwW
F8fVJ/zkaTTViCvCdxi02wqKVjPSd0pL3BsX1wHR5ra6IUKxNIG8tdQwXaqcYkNi
cT5SOqnwO9YKKBtZu7kXMYJct09LL7i8AwexTsX3aeQkBF+L23ak2tDn14lZ9JZk
Fer0ePAcoEGJ2L1Zs9XS+yEP5XvOqUsgI+G1LxOPPxNo46JX6tYBq0WfvppIOUWu
cO9pMA6k8Jn0DALyuHPvKh4iOLKvMSeoP79vBwbBawrD3AQsoDAnBKWlGp+sigZH
89AKFYBvoaO6MFM4BwlV
=nHgn
-END PGP SIGNATURE-
___
Sks-devel mailing list
Sks-devel@nongnu.org
https://lists.nongnu.org/mailman/listinfo/sks-devel

[Sks-devel] Pool website

[Sebastian Urbach]

Hi all,

Am i missing something or is the IPv6 detection broken or is it just a
problem with the pool website ?

Kristian, please check it if possible.

Thanks

-- 
Mit freundlichen Grüßen / Yours sincerely

Sebastian Urbach


Religion is something left over from the infancy of
our intelligence, it will fade away as we adopt
reason and science as our guidelines.


Bertrand Arthur William Russell (1872-1970),
British philosopher, logician, mathematician,
historian, and social critic.


signature.asc
Description: PGP signature
___
Sks-devel mailing list
Sks-devel@nongnu.org
https://lists.nongnu.org/mailman/listinfo/sks-devel

Re: [Sks-devel] Pool website

[Kristian Fiskerstrand]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Sebastian Urbach wrote, On 02/27/2012 11:51 AM:
 Hi all,
 
 Am i missing something or is the IPv6 detection broken or is it 
 just a problem with the pool website ?
 
 Kristian, please check it if possible.
 

Thanks for the heads up, should be back up shortly.


- -- 
- 
Kristian Fiskerstrand
http://www.sumptuouscapital.com
Twitter: @krifisk
- 
Nomina stultorum scribuntur ubique locorum
Fools have the habit of writing their names everywhere
- 
This email was digitally signed using the OpenPGP
standard. If you want to read more about this
The book: Sending Emails - The Safe Way: An
introduction to OpenPGP security is now
available in both Amazon Kindle and Paperback
format at
http://www.amazon.com/dp/B006RSG1S4/
- 
Public PGP key 0xE3EDFAE3 at http://www.sumptuouscapital.com/pgp/
-BEGIN PGP SIGNATURE-
Version: GnuPG v2.0.14 (GNU/Linux)

iQIcBAEBCAAGBQJPS9LCAAoJEBbgz41rC5UINwoP/0EANzj1UYzFdbGn8KqrZop1
0oe8fp/w3ErMBu8PVJcuM1sbmN+kt+RtZEVYs+YA33KeM6P/9TTPdC/lAFj5N2vC
JVQsPBOcLZhUfW9N8+YnSIg1/yDgb84PM+Hf9/Ou5kwZ6GTwhcbC6TjkePeVq6dW
8V/dRzl6VM3qSUKeMJAwkKkqVvQpKZpLEk+xg7BY/Y9p7mIQtfnXmzNKOQOW7sZX
3JTi0yWloGZbJTWHPKj8nh1BV0iFaxV9fYIAt796cvQVTKaue/fXKLeoaK+vT+GF
AEcteVpk+lnabqU8f8CQmR15oof8cvH7iDSgsVg668GX+ROFRU7hAiiHenvQOBzl
iXic1LC7yCxqfZUs0qs9GCsXcvp63az8EaJmf8UCoL5W5VNYXrJEmAk2VXuiF3NE
fr/AyiD6oyIBvjaGW+SWHUk8QQnhbNxBo3HKgpVtrUmdtOPIirSMOtLmZOlHCdMl
2ENvtYLqNZpl4DCtNcAE5vQF3bX6n/gasqLDQkVkMPDNrVWfSu2Jsx0g8RM1V2MP
Ai7Yph8OapdirwPi7dOzJAEr18WDcWidj/oSa9M70gD/47XK41ItN/VnPt+poH1E
/V2uWM1EiwqNccHpgIBM/QVhdUQyS7nSbtBMqIMHrIr/UEA1+X83sjCfIus/aqzD
yymR63EGB/1tdcJTW8Wq
=bSsQ
-END PGP SIGNATURE-


___
Sks-devel mailing list
Sks-devel@nongnu.org
https://lists.nongnu.org/mailman/listinfo/sks-devel

[Sks-devel] Pool statistics not parsing 1.1.2's stats pages anymore

[Hauke Lampe]

Hi Kristian.

It seems the parser for the keyserver statistics pages doesn't grok the
output from the new version anymore.

The SKS servers running version 1.1.2 don't show any peers:

http://sks-keyservers.net/status/info/sks.keyservers.net
http://sks-keyservers.net/status/info/keyserver.gingerbear.net
http://sks-keyservers.net/status/info/schluesseldienst.hauke-lampe.de

Version 1.1.1 looks fine:
http://sks-keyservers.net/status/info/keyserver.ccc-hanau.de

The keyserver table has new summary attributes in the table tags.
Maybe that's what irritates the parser:

 table summary=Keyserver Peers width=100%
 tr valign=toptd
 h2Gossip Peers/h2
 table summary=Gossip Peers

The output from version 1.1.1:

 table width=100%
 tr valign=TOPtd
 h2Gossip Peers/h2
 table


Hauke.



signature.asc
Description: OpenPGP digital signature
___
Sks-devel mailing list
Sks-devel@nongnu.org
https://lists.nongnu.org/mailman/listinfo/sks-devel

Re: [Sks-devel] Pool statistics not parsing 1.1.2's stats pages anymore

[Kristian Fiskerstrand]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Hauke Lampe wrote, On 09/23/2011 09:20 PM:
 Hi Kristian.
 
 It seems the parser for the keyserver statistics pages doesn't grok 
 the output from the new version anymore.

Thanks for the heads up, hopefully fixed now in r56

- -- 
- 
Kristian Fiskerstrand
kristian.fiskerstr...@sumptuouscapital.com
http://www.sumptuouscapital.com
- 
Nosce te ipsum!
Know thyself!
- 
This email was digitally signed using the OpenPGP
standard. If you want to read more about this, visit:
http://www.secure-my-email.com
- 
Public PGP key 0xE3EDFAE3 at http://www.sumptuouscapital.com/pgp/
-BEGIN PGP SIGNATURE-
Version: GnuPG v2.0.14 (GNU/Linux)

iQIcBAEBCAAGBQJOfOatAAoJEBbgz41rC5UIr8EP/j286e2K5R1KBJNaqy2Mma68
15N5duVrcFeBpBoULTHaVGSJlVQxEj4cUwGn5qNjJCHAiotEYq7rEVU+STanS0ux
PQTj0M6gn8UQwlVxAQnC5KHpvqNMUhcAbxQRGwCSVb4/DlaEHdoiFBiK4w2H/y9F
Ujb6Rs+yXh6FmanJmrrvqdl2e9qrVv4Yr9Qm1KLwV6SCHDA5VPSsILJj5H9bCmb9
cSWjNkTLHAlRggZiMkdlgf/YDy5xHlgkFtb4wkPQgvnOv6uVYWHgZWjCynSD/idV
D3U7jfmF672khXzrd/CaaPr3aOR68c2hjmdHBTYOl7C7ANtS+7GxYyqqPPqcgeek
d4FmOnvDeA4YmzC7AeNpirWluN+3J45CDLY8223tlpbr8TKMXlDRxuiDZ7lL0e/s
jtip0vwDNaS81lQpEpxgp6GnbUJDCIV1SilNQNmFGC8r1Af3ZO27WpepOnq8BbGl
RIl8NBt36m8vvijtIRup2nBEQPXNcaCet3hPJA3lZ9AXVFkl2wznq6lrcwQVxOsC
eJhcYhttpi6tACXEjPH3Qq9MZnQPjsdw4+phna2WP4PWfoxQIf0sDRlqiojPEl7K
etQMn1QNJ6lvfQLWM56lc0wy8aXuT3aHlfpBHa7PwtAFmNdYFLPinhGD5n6CyZpu
z9cE6ZLYwlfylMakfAF9
=XBLk
-END PGP SIGNATURE-


___
Sks-devel mailing list
Sks-devel@nongnu.org
https://lists.nongnu.org/mailman/listinfo/sks-devel

Re: [Sks-devel] Pool statistics not parsing 1.1.2's stats pages anymore

[John Clizbe]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1,SHA256

Hauke Lampe wrote:
 Hi Kristian.
 
 It seems the parser for the keyserver statistics pages doesn't grok the
 output from the new version anymore.
 
 The SKS servers running version 1.1.2 don't show any peers:
 
 http://sks-keyservers.net/status/info/sks.keyservers.net
 http://sks-keyservers.net/status/info/keyserver.gingerbear.net
 http://sks-keyservers.net/status/info/schluesseldienst.hauke-lampe.de
 
 Version 1.1.1 looks fine:
 http://sks-keyservers.net/status/info/keyserver.ccc-hanau.de
 
 The keyserver table has new summary attributes in the table tags.
 Maybe that's what irritates the parser:
 
 table summary=Keyserver Peers width=100%
 tr valign=toptd
 h2Gossip Peers/h2
 table summary=Gossip Peers
 
 The output from version 1.1.1:
 
 table width=100%
 tr valign=TOPtd
 h2Gossip Peers/h2
 table

I noticed this on Gabor's post about NebrWesleyan.edu's cross-peering, but was
busy with another problem.

I just figured the parser was choking on being fed well-formed HTML :-)
and Kristian would eventually get it fixed.

Anyone else parsing stats or other SKS output should also take notice that
1.1.2's generated HTML passes XHTML 1.0 Strict now.

- -John

- -- 
John P. Clizbe  Inet: John ( a ) Mozilla DAWT net
FSF Assoc #995 / FSFE Fellow #1797  hkp://keyserver.gingerbear.net or
 mailto:pgp-public-k...@gingerbear.net?subject=HELP

Raise your hand if you know someone who is alive only because you
did not want to spend time in jail


-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.12-svn5502-2010-12-23 (Windows XP)
Comment: When cryptography is outlawed, bayl bhgynjf jvyy unir cevinpl!
Comment: Be part of the £33† ECHELON -- Use Strong Encryption.
Comment: It's YOUR right - for the time being.
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQEcBAEBAgAGBQJOfPE4AAoJECMTMVxDW9A0k8sH/iLNni65D7NEMt1T404Ah8ov
u3sFZU5rcVTre+RglDnSxkgOmTTMc+vEUARktCLbegtYbmoLjx2PJaXJIZ2tc3cG
tY7JAK4F9GyTfKTXmyee38QcX2N43vqIdCE+h1/Qj7kYll9J6XMCWBTwAwzmU/bA
H4AERUeuqfCPcmR3F02EV/EDb0YWZ2ScKb00nkw6CujFf0K3R565OuNGILYhxtS8
fWBs43cpzoI1hBvwO/caJ43N/QaZtDRO4zrR/YSFJpYwYVicK6zq2PljrVpaC8CG
jP5zGMYzqhz48MEgcpi8hAzyaeko3cAUU5d+gGIINRfUPWp83GKGiqJTtnhY3UyI
XgQBEQgABgUCTnzxOAAKCRDrXhnz1laYJa5QAP4jBVHtom6FF8UeLIooqlBgf+18
HLDyPy8PUhNscpvFowD/WCqdozUehOsZrfSBrwhS8RtIbWsTCXpEDmd9n1OphEE=
=wOsl
-END PGP SIGNATURE-

___
Sks-devel mailing list
Sks-devel@nongnu.org
https://lists.nongnu.org/mailman/listinfo/sks-devel