On 2015-08-24 at 08:50 +1200, Mike Forbes wrote: > Has anyone had any experience with https://github.com/SkierPGP/Skier ?
Experience, no, but I just took a look and these are my initial impressions. It doesn't speak SKS so can't interop with SKS or Hockeypuck. It uses HTTP for key distribution, asking peers for a list of all new keys since a given timestamp and then fetching those. This makes some interesting assumptions about the suitability of a timestamp as an indexing mechanism for consistency in a distributed system not under centralized control. It also immediately POSTs a newly uploaded key to all peers, resulting in fan-out and an interesting DoS vector. Looks like a reasonable choice to explore for a company/site's internal PGP keyserver, only holding local keys, if not going to use LDAP. I'd be rather hesitant to rely upon this for global synchronization at this time. Thanks, added to the list at: http://people.spodhuis.org/phil.pennock/pgp-keyservers -Phil _______________________________________________ Sks-devel mailing list [email protected] https://lists.nongnu.org/mailman/listinfo/sks-devel
