Re: [Sks-devel] Withdrawal of service: keys2.flanga.io & keys3.flanga.io

sks-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Sks-devel] Withdrawal of service: keys2.flanga.io & keys3.flanga.io

From:	Moritz Wirth
Subject:	Re: [Sks-devel] Withdrawal of service: keys2.flanga.io & keys3.flanga.io
Date:	Thu, 19 Jul 2018 17:46:20 +0200

Hi Martin, 

are you talking about keys.flanga.io or keys2.flanga.io? keys.flanga.io
does still peer, however sks-keyservers does not recognize the peers due
to different structures of the /pks/lookup?op=stats&options=mr file -
this should not affect the peering itself and keyserver.dobrev.eu is
still listed in my peering file (and it looks like peering works:
time="2018-07-19T15:00:04UTC" level=debug msg="hashquery response from
\"keyserver.dobrev.eu:11371\": 8 keys found") . keys2.flanga.io has been
disabled so it does not peer anymore ;)

The main reason for disabling keys2.flanga.io and keys3.flanga.io was
the heavy resource consumption - one point was traffic (thanks to the
amount of keys with 30MB+) and the other one was the CPU utilization of
the database. I monitored the uptime of the sks webserver every 30
seconds and it crashed every 2-5 minutes. While I am happy to contribute
to this project, I don't see a reason in operating something that only
works 60% of the time.

I would rather consider the recent "attacks" as severe bugs than attacks
(though handling these bugs has miserably failed) and the recent patches
are only a drop in the ocean. Let's be honest, SKS is not maintained and
it probably never will, and it's simply frustrating running a keyserver
that never will work as expected.

However, keys.flanga.io will probably continue operation with Hockeypuck
- though it has its own bugs, it's way faster and reliable than SKS.

Best Regards,

Moritz

Am 19.07.18 um 16:52 schrieb Martin Dobrev:
> It's sad to see you going. I've removed the servers from my membership
> file yet I see that you've removed keyserver.dobrev.eu from your list
> too. Is there a particular reason for that or you were just attempting
> to protect yourself during the attack?
>
>
>
> On 17/07/18 13:17, Moritz Wirth wrote:
>> Hi,
>>
>> keys2.flanga.io and keys3.flanga.io will cease operation immediately,
>> given the latest problems.
>>
>> keys.flanga.io will remain online as long as it runs stable and the
>> required disk space does not exceed my limits (database capacity has
>> almost tripled when switching to hockeypuck and is now about 37GB...)
>> and the bandwith consumption stays on a resonable level - I almost spent
>> a terabyte only for peering with other servers and I don't think it's
>> reasonable for a few hundred keys per day...
>>
>> All peers are asked to remove keys2.flanga.io from their peering list
>> (or replace it with keys.flanga.io) - keys3.flanga.io was never actively
>> peered. FYI, Peers for keys.flanga.io are not listed on the
>> sks-keyservers pages anymore.
>>
>> Best Regards,
>>
>> Moritz
>>
>>
>>
>> _______________________________________________
>> Sks-devel mailing list
>> address@hidden
>> https://lists.nongnu.org/mailman/listinfo/sks-devel

signature.asc
Description: OpenPGP digital signature

[Prev in Thread]

Current Thread

[Next in Thread]

[Sks-devel] Withdrawal of service: keys2.flanga.io & keys3.flanga.io, Moritz Wirth, 2018/07/17
- Re: [Sks-devel] Withdrawal of service: keys2.flanga.io & keys3.flanga.io, Fabian A. Santiago, 2018/07/19
- Re: [Sks-devel] Withdrawal of service: keys2.flanga.io & keys3.flanga.io, Martin Dobrev, 2018/07/19
  - Re: [Sks-devel] Withdrawal of service: keys2.flanga.io & keys3.flanga.io, Moritz Wirth <=

Prev by Date: Re: [Sks-devel] Withdrawal of service: keys2.flanga.io & keys3.flanga.io
Next by Date: [Sks-devel] sks.daylightpirates.org is staying
Previous by thread: Re: [Sks-devel] Withdrawal of service: keys2.flanga.io & keys3.flanga.io
Next by thread: [Sks-devel] sks.daylightpirates.org is staying
Index(es):
- Date
- Thread