Interesting. But how does Hockeypuck's feature list compare to SKS? For
example, does it exchange keys with other servers in the same manner as
SKS (i.e. via a recon/"gossip" method)? Does it have a good web front
end included?
You're posting this on a list for people who already use the SKS system.
I hope you're not going to just announce a competitor product and run away.
On 12/10/2020 10:07 AM, Casey Marshall wrote:
I've released Hockeypuck 2.1.0
<https://github.com/hockeypuck/hockeypuck/releases/tag/2.1.0> [0],
which contains several new features that may be useful to mitigate
spamming/flooding/DoS [1] attacks on GnuPG and keyservers. See the
release link for details, but here's the highlights:
* Configurable key length and packet size limits, with sensible
defaults to limit keyserver resource consumption (1MB and 8K
respectively).
* Configurable blacklist of primary key fingerprints.
* Authenticated key management. This adds a couple of extra
endpoints which allow a key owner to replace and delete their key,
authenticated by signing the armored key in the request. This
allows a key owner to still update their own key once it has been
inflated beyond the key length limit.
Blacklists and auth key management may also be of interest to
keyserver operators subject to GDPR-related requests.
-Casey
[0] https://github.com/hockeypuck/hockeypuck/releases/tag/2.1.0
<https://github.com/hockeypuck/hockeypuck/releases/tag/2.1.0>
[1] https://gist.github.com/rjhansen/67ab921ffb4084c865b3618d6955275f
<https://gist.github.com/rjhansen/67ab921ffb4084c865b3618d6955275f>
--
Dan Egli
From my Test Server
