sks-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Sks-devel] New wiki page: Peering

From: Kim Minh Kaplan
Subject: Re: [Sks-devel] New wiki page: Peering
Date: Sat, 28 Nov 2009 09:48:26 +0000
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/23.1 (gnu/linux) 
Phil Pennock:


I just wrote this:

  http://code.google.com/p/sks-keyserver/wiki/Peering


Nice work.  Here are some hopefully constructive comments.

   You are assumed to have installed SKS
You could explicit that you mean something like "make && make install" or "aptitude install sks" as peering itself might be considered part of the installation process. 

   SKS basedir
Unlike many daemons SKS makes use of its current working directory as its basedir. It should be mentionned. 

   Double-check DNS
Sample DNS records could help ; and use non routable addresses¹ in your examples. Something like: 

   myhost.example.com.    IN A    192.68.2.42
   myhost.example.com.    IN AAAA FDA6:58A1:7B2E:AAF9::1:42
   keyserver.example.com. IN A    myhost.example.com.
I'm not sure that membership_reload_interval is necessary any more, after Kim's improvements in this area. I put it in anyway, to be safe, but would be happy to remove it again; Kim?
I am quite confident that this setting is not used anymore (and that the code could do with a little cleanup regarding this). So yes remove it. 

   The server is in The Netherlands.

Use a non existant country in the sample. The Neverland is nice.

   Add the line to your config

Explicit mention of "membership file" would be better than config.
Also a couple of words mentionning that SKS logs to db.log, recon.log and generally *.log will help the new user.
The "-disable_mailsync" option should be explained as it is a loose end in SKS. Given the state of the PKS network it is perfectly acceptable to use it. At any rate if the mailsync file is empty it can be used to keep the db process from spitting false alarms in the logs. Mmm, looking back at it these alarms are not completely false: it seems there is a leak in the tqueue DB when you have no mailsync, I'll have to file an issue about that. 

Kim Minh.
P.S.: browsing http://code.google.com/p/sks-keyserver/source/browse/ does *not* show all source files, it stops at reconserver.ml. Am I the only one seeing this? 

¹ RFC 1918 Address Allocation for Private Internets
   http://www.ietf.org/rfc/rfc1918.txt
 RFC 4193 Unique Local IPv6 Unicast Addresses
   http://www.ietf.org/rfc/rfc4193.txt
reply via email to
[Prev in Thread] Current Thread [Next in Thread]