[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Sks-devel] Big amount of updated keys yesterday?
From: |
Jeff Johnson |
Subject: |
Re: [Sks-devel] Big amount of updated keys yesterday? |
Date: |
Wed, 13 Apr 2011 07:15:44 -0400 |
On Apr 12, 2011, at 4:21 AM, Sebastian Wiesinger wrote:
> Hello,
>
> yesterday I noticed that my SKS Server was constantly updating it's
> key database for over an hour. This also showed in the stats:
>
> Daily Histogram
> Time New Keys Updated Keys
> 2011-04-12 74 65
> 2011-04-11 365 7678
> 2011-04-10 280 137
>
>
> Hourly Histogram
> Time New Keys Updated Keys
> 2011-04-12 02 13 8
> 2011-04-12 01 15 6
> 2011-04-12 00 46 51
> 2011-04-11 23 15 5
> 2011-04-11 22 15 5
> 2011-04-11 21 62 3419
> 2011-04-11 20 2 3597
> 2011-04-11 19 9 505
> 2011-04-11 18 19 18
>
> Does anyone know what happened yesterday and where the updates came
> from?
>
> Also this took over an hour and almost exclusively used all the I/O to
> the disks in the system. Is there a way to increase the performance
> for updates in the key db?
>
AFAICT this was pretty close to the beginning of this thread.
This message is also (afiact) the closest thing to a problem report with
almost exclusively used all the I/O to the disks
Is there really a problem here?
An update of 5000-1000 keys over 2-3 hours isn't wildly out of line
with the statistics I've seen.
Key servers come and go, and when there's a diconnection of some sort,
then there can be a burst of activity when the disconnection repairs itself.
That is the nature of gossip proptocols.
Is there a real problem here? What is the problem?
Even if there is a problem, there's no easy way to remove content
from SKS key servers once data has been entered. That was discussed
a while back in the context of removing a single problematic key
that escalated to a legal obligation to remove a user's personal
details from a specfific host.
So what is the problem here? Exchanging logs and doing forensics on
a gossiping set of servers is likely going to be difficult, just
see the snarls and loops being reported already.
Sure its an interesting challenge to try and find a "smoking gun".
But habeas corpus applies: What problem exists?
73 de jeff
smime.p7s
Description: S/MIME cryptographic signature
- Re: [Sks-devel] Big amount of updated keys yesterday?, (continued)
Re: [Sks-devel] Big amount of updated keys yesterday?, Eygene Ryabinkin, 2011/04/13
Re: [Sks-devel] Big amount of updated keys yesterday?, Teun Nijssen, 2011/04/13
Re: [Sks-devel] Big amount of updated keys yesterday?, Kim Minh Kaplan, 2011/04/13
Re: [Sks-devel] Big amount of updated keys yesterday?,
Jeff Johnson <=
Re: [Sks-devel] Big amount of updated keys yesterday?, Daniel Kahn Gillmor, 2011/04/13
Re: [Sks-devel] Big amount of updated keys yesterday?, Jeff Johnson, 2011/04/13
Re: [Sks-devel] Big amount of updated keys yesterday?, Andrey Korobkov, 2011/04/24