On Sun, Mar 31, 2024 at 04:37:03PM +0200, Dryusdan wrote:
> Hi (again),
>
>
> Finally, gpg.4n0ny.me is finaly operational earlier than expected.
>
> So I looking for peers for gpg.4n0ny.me too.
>
> Same description as keys.dryusdan.fr, I get keydyump from Cyberbits
> (|rsync.cyberbits.eu/sks/du
I am replacing my old key-server sks.srv.dumain.com with a new one:
key-server.org.
It is behind a rate limiting haproxy and has been loaded with a dump purged of
keys
from the flooding attack.
Details as follows:
[hockeypuck.conflux.recon.partner.key_server_org]
#0xA0B31F88E8123356 William
Thus spake Ced:
> --Sig_/FtuskvMchbl4eEa6+GkKc25
> Content-Type: text/plain; charset=US-ASCII
> Content-Transfer-Encoding: quoted-printable
>
> On Thu, 26 May 2022 16:53:31 -0400
> Jason John Schwarz via SKS development and deployment list
> wrote:
>
> > We have received the same take down request
My recon server spent most of yesterday falling over mostly with this message:
Raising Sys.Break -- PTree may be corrupted: Failure("remove_from_node: attempt
to delete non-existant element from prefix tree")
I've run db_recover on the main database and rebuilt the PTree from scratch
many times
a corrupt PTree database that was breaking the recon service.
Rebuilding.
Also a lot of my peers are semi-defunct. Adding a few working ones would be
good:
sks.srv.dumain.com 11370 # William Hay 0xA0B31F88E8123356
signature.asc
Description: PGP signature
>
Added. My details are:
sks.srv.dumain.com 11370 #William Hay 0xA0B31F88E8123556
signature.asc
Description: PGP signature
Thus spake "Kiss Gabor (Bitman)":
> I cannot imagine how this dump could be created.
> Could the attacker upload broken packets or is it "sks dump"
> who garbled the dump file? Or file became bad during
> compression/decompression?
I don't think sks does much validation of packets so anything coul
uest other servers in the pool to add our server as a
> peer.
Done. Please reciprocate.
sks.srv.dumain.com 11370 # 0xA0B31F88E8123356 William Hay
William
signature.asc
Description: PGP signature
___
Sks-devel mailing list
Sks-devel@nongnu.org
Thus spake Valentin Sundermann:
> I think the best way forward would be to implement SKS Recon, this way
> the SKS instances would not fall behind the hagrid ones (what's good for
> the general network I guess).
>
> I'd suggest to provide an in/out sync interface where something like an
> "sks rec
Thus spake "Kruschwitz, Michael":
> keyserver.aktronic.de 11370 # Michael Kruschwitz ic.de> 0x050340C03E3D1AF2
Added to my keyserver
sks.srv.dumain.com 11370 # William Hay /0xA0B31F88E8123356
___
Sks-devel mailing list
Sks-devel@
Does the -dump_new_only option dump keys that are in an existing keydump
file but have changed (eg new sigs since it was dumped the first time)?
Thanks in advance
Bill
signature.asc
Description: PGP signature
___
Sks-devel mailing list
Sks-devel@non
Thus spake Hendrik Visage:
> I=E2=80=99m considering setting up some test environments for the =
> =E2=80=9Cresearchers=E2=80=9D to test the SKS keyservers, but I was =
> wondering about one way replication, ie. one server that will only sent =
> out to the test server(s), but not receive from them
It occurred to me that if I were anticipating an outage of my key server I
could configure
my reverse proxy to remove rather than add Via: headers which would presumably
cause
Kristian's probes to take my server out of the pool thereby preventing people
using the pool
addresses from hitting my
er servers.
> Please add me to your 'membership':
>
> key1.dock23.de 11370 # Ramón Goeden 0xb7c51fd6
> key2.dock23.de 11370 # Ramón Goeden 0xb7c51fd6
>
> Thanks!
>
> Regards,
> Ramón
Done. Please reciprocate:
sks.srv.dumain.com 11370 # William Hay
On Wed, Aug 31, 2016 at 05:23:13PM -0400, Daniel Kahn Gillmor wrote:
> On Wed 2016-08-31 15:44:20 -0400, Jeremy T. Bouse wrote:
>
> > Is the package still forcing the backup and re-import on upgrade? I
> > know that is what took one of my servers out when I upgraded as they
> > don't have the spac
On Mon, Aug 08, 2016 at 03:45:12PM -0400, Daniel Kahn Gillmor wrote:
> I've prepared a jessie-backports package that i'm running on
> zimmermann.mayfirst.org as well. As soon as 1.1.6-1 makes it into
> testing, i'll push it into jessie-backports.
Hi,
I'm sure you're busy but the above makes it s
On Fri, Jun 03, 2016 at 04:49:57PM +0200, Christoph Egger wrote:
> Well.
>
> http://pool.sks-keyservers.net(:11371)? --redirect-->
> https://keyserver.siccegge.de
>
> And if keyserver.siccegge.de present a valid certificate + HSTS would be
> a problem no? (and potentially undetected if the po
On Thu, May 26, 2016 at 12:47:57AM +0200, Valentin Sundermann wrote:
> Hi,
>
> I enforce HTTPS on all my domains by sending the HSTS header to my
> visitors. HSTS forces the browser to use in future only secure
> connections to this domain. More info on Wikipedia[1] :)
> Since my keyserver could b
So having acquired a whole bunch of peers for my keyserver I'm now thinking
about adding hkps support and becoming part of hkps.pool.sks-servers.net. I've
got a couple of queries though.
1.I'll probably want to share the port 443 with other sites. Can one assume
that SNI is supported by hkps
For operational issues contact me directly.
sks.srv.dumain.com 11370 # William Hay 0xA0B31F88E8123356
Thanks
William Hay
signature.asc
Description: Digital signature
___
Sks-devel mailing list
Sks-devel@nongnu.org
https://lists.nongnu.org/ma
20 matches
Mail list logo