Re: [Sks-devel] IPv6 peering; keydumps annoyingly large

[Matthew Palmer]

On Thu, Jun 02, 2011 at 12:26:41AM +0100, Xian Stannard wrote:
> On 01/06/2011 22:45, David Shaw wrote:
> > Now, to be sure, we could design different ways of avoiding this
> > issue, but personally, I'd want to see some real evidence of an
> > upcoming problem with the keyserver DB size before going down that
> > route.  I'm afraid I don't see a problem that needs fixing here.
>
> It is an issue for me. I have a small VPS (can't afford a large one) and
> don't have enough disk spare to comfortably host an SKS server.
> Processor, bandwidth and RAM are enough for it though.

OK, so on to the meta issue: *why* do you *have* to run a keyserver?  Or, to
put it another way, why should any number of people spend an unestimated
(but I'm willing to bet considerable) amount of time designing, coding,
reviewing, testing, and deploying a significant change to the architecture
of the SKS keyserver network, so you can run a keyserver?

Also, nobody in the "we should do this" camp has (to my knowledge) run any
analysis to try and quantify the size of any dataset reduction, so there's
no guarantees that just filtering out "unneeded" keys would show enough of a
reduction to allow you to run a keyserver anyway (I'm inclined to think it
wouldn't, but I don't have numbers either).  As far as partitioning the
dataset, I've already raised enough issues that would need to be answered
before there was a chance of implementing such an idea; if you're really
serious about making this happen, I suggest you start working on solutions.

And for the record, my keyserver runs on the smallest available Linode VPS,
and I've got no realistic concerns about running out of storage space.

> Many many more servers hosting only part of the
> collection could still achieve a higher redundancy than we currently
> have.

As the wikipedians say, [Citation needed].  Or, perhaps, [Show Your
Working].  I don't profess to have any great underlying theoretical
knowledge of redundancy, but I do have a fair amount of practical experience
with highly-available systems, and your hypothesis does not gel with my
experience.  I'm willing to be wrong, but I need to see some rationale.

> If an admin could dictate the proportion of the entire collection,
> or just specify the minimum amount of disk to keep free, life would be
> easier. For me anyhow.

And that's the crux of the argument.  You want things to be easier *for*
*you*, but you appear to want other people to do the hard work to make it
so.  Unfortunately, that isn't the way the world works.

- Matt

-- 
I wake up to a new world every day -- the one in my boss's head.
                -- Mike Andrews, ASR