[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Sks-devel] New wiki page: Peering
From: |
Kim Minh Kaplan |
Subject: |
Re: [Sks-devel] New wiki page: Peering |
Date: |
Sat, 28 Nov 2009 09:48:26 +0000 |
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/23.1 (gnu/linux) |
Phil Pennock:
I just wrote this:
http://code.google.com/p/sks-keyserver/wiki/Peering
Nice work. Here are some hopefully constructive comments.
You are assumed to have installed SKS
You could explicit that you mean something like "make && make install"
or "aptitude install sks" as peering itself might be considered part of
the installation process.
SKS basedir
Unlike many daemons SKS makes use of its current working directory as
its basedir. It should be mentionned.
Double-check DNS
Sample DNS records could help ; and use non routable addresses¹ in your
examples. Something like:
myhost.example.com. IN A 192.68.2.42
myhost.example.com. IN AAAA FDA6:58A1:7B2E:AAF9::1:42
keyserver.example.com. IN A myhost.example.com.
I'm not sure that membership_reload_interval is necessary any more,
after Kim's improvements in this area. I put it in anyway, to be safe,
but would be happy to remove it again; Kim?
I am quite confident that this setting is not used anymore (and that the
code could do with a little cleanup regarding this). So yes remove it.
The server is in The Netherlands.
Use a non existant country in the sample. The Neverland is nice.
Add the line to your config
Explicit mention of "membership file" would be better than config.
Also a couple of words mentionning that SKS logs to db.log, recon.log
and generally *.log will help the new user.
The "-disable_mailsync" option should be explained as it is a loose end
in SKS. Given the state of the PKS network it is perfectly acceptable
to use it. At any rate if the mailsync file is empty it can be used to
keep the db process from spitting false alarms in the logs. Mmm,
looking back at it these alarms are not completely false: it seems there
is a leak in the tqueue DB when you have no mailsync, I'll have to file
an issue about that.
Kim Minh.
P.S.: browsing http://code.google.com/p/sks-keyserver/source/browse/
does *not* show all source files, it stops at reconserver.ml. Am I the
only one seeing this?
¹ RFC 1918 Address Allocation for Private Internets
http://www.ietf.org/rfc/rfc1918.txt
RFC 4193 Unique Local IPv6 Unicast Addresses
http://www.ietf.org/rfc/rfc4193.txt