[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Sks-devel] Implications of GDPR

From: Andrew Gallagher
Subject: Re: [Sks-devel] Implications of GDPR
Date: Mon, 30 Apr 2018 12:59:22 +0100
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.7.0

On 29/04/18 18:02, Ari Trachtenberg wrote:

> In a two-stage process, the initial phase is done on hashes, and a
> second stage transfers the data corresponding
> to differing hashes.

Yes, that's exactly what happens. The missing entries are fetched over a
standard client request.

>  It should be possible for the second stage can be sent over an encrypted 
> tunnel without
> too much effort.

If the remote server supports HTTPS for client requests, then it would
be straightforward for the reconciliation client to also connect over
HTTPS - but it would have to either fall back to HTTP if the HTTPS
request failed, or be configured with a list of which of its peers are

Certificate validation may also be an issue, because many HTTPS pool
members only have the pool SSL certificate - which won't validate in the
normal manner when bypassing the pool round-robin.

Andrew Gallagher

Attachment: signature.asc
Description: OpenPGP digital signature

reply via email to

[Prev in Thread] Current Thread [Next in Thread]