On 2016-02-24 at 06:17 +0000, Mire, John wrote: > What is the process for the keyserver status page generation > (https://sks-keyservers.net/status/) > i.e., what scripts/queries are executed against the individual keyserver? > How often? > Campus is setting up Palo Alto firewalls with traffic/application inspection > and profiling
It's an HTTP request, against the regular HKP service, just on a special endpoint; eg: http://sks.spodhuis.org:11371/pks/lookup?op=stats The only thing different about this is `op=stats` instead of `op=index` or whatever. This is considered public information, because your peers expect to be able to look at this to diagnose problems with the peering: your problems can become their problems, if you fall too far behind. Kristian has some PHP scripts which do the work for the sks-keyservers.net pages; I have other tooling, others will use browsers. Kristian's service is considered "canonical" by most, but is not in any way using privileged access. If you start blocking "unusual" requests for the stats which aren't at DoS levels then you'll upset your peers and lose peering. -Phil _______________________________________________ Sks-devel mailing list Sks-devel@nongnu.org https://lists.nongnu.org/mailman/listinfo/sks-devel
