On 2017-06-04 at 17:41 +0200, Kristian Fiskerstrand wrote: > Should be a pull request against the main repo for that. The > build-cleaner patches are likely most interesting, and dkg has some work > on it already.
Ah, didn't know we'd switched to a PR model. https://bitbucket.org/skskeyserver/sks-keyserver/pull-requests/52/build-cleaner/diff Once that's in, can look at the other. > The last time I looked into it a number of the issues > we're seeing in build is related to cryptokit, and we likely should > discuss whether its time to dis-embed the library from the source ( No problems with cryptokit for me, using 1.7. I see from Mercurial commit-log that this doesn't build with older versions of OCaml. It looks like this comes down to being willing to specify which version ranges of the OCaml releases we're supposed to work with. How far back, at what price? > The 64 bit keyid references etc are not necessarily material, we use > those for internal identifiers anyways but don't display it in the > WebUI. I know. I needed the long form in the UI to be able to copy/paste data for analysis and have a reasonable set of keyid specifiers to use. The UI is more than just "looks pretty" (or not). So the patch is entirely about exposing the long-form to those using the keyserver. https://sks.spodhuis.org/ has this functionality, with the HTML form on that page including the option to turn it on or off, so people can decide if it seems useful. > People should download the public keyblocks and do their own > operations on them given their own trustdb/wot calculation rather than > relying on a third party that doen't provide a security assertion to > begin with. When folks are deliberately colliding the short-form, it's useful to be able to point others at listings which cover enough to look at, without folks having to download and install tools locally. It's not perfect, sure, but when you look at: https://sks.spodhuis.org/pks/lookup?op=index&longkeyid=on&search=0x70096AD1 https://sks.spodhuis.org/pks/lookup?op=index&longkeyid=on&search=0xC1DB921F it's enough to tell them apart and determine what to call them to tell them apart when discussing them. It lets me point to the collisions and say "Look at these keys claiming to belong to Gunnar Wolf; the 673 one claims to predate the 15F one, but how do we know for sure?" and leads into a better discussion. -Phil
signature.asc
Description: Digital signature
_______________________________________________ Sks-devel mailing list Sks-devel@nongnu.org https://lists.nongnu.org/mailman/listinfo/sks-devel
