On 2018-05-04 at 17:13 +0100, Andrew Gallagher wrote: > AFAICT, the limitation that SKS servers should only recon with known > peers was introduced as a measure against abuse. But it's a pretty > flimsy anti-abuse system considering that anyone can submit or search > for anything over the HKP interface without restriction. > > I think all SKS servers should attempt to recon with as many other > servers as they can find.
The SKS reconciliation algorithm scales with the count of the differences in key-counts. If you peer with someone with no keys loaded, it will render your server nearly inoperable. We've seen this failure mode before. Repeatedly. It's part of why I wrote the initial Peering wiki document. It's why I walked people through showing how many keys they have loaded, and is why peering is so much easier these days: most people who post to sks-devel follow the guidance and take the hints, and get things sorted out before they post. This is why we only peer with people we whitelist, and why most people look for as much demonstration of Clue as they can get before peering, and it's a large part of why we do see de-peering when actions demonstrate a lack of trustworthiness. -Phil _______________________________________________ Sks-devel mailing list Sks-devel@nongnu.org https://lists.nongnu.org/mailman/listinfo/sks-devel