[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Sks-devel] IPv6 peering; keydumps annoyingly large
From: |
Robert J. Hansen |
Subject: |
Re: [Sks-devel] IPv6 peering; keydumps annoyingly large |
Date: |
Wed, 1 Jun 2011 02:01:38 -0400 |
> It will eventually become larger than a standard DVD, making it more
> difficult to transport via 'sneakernet' (physical media.)
Not appreciably difficult: pretty much every halfway respectable archiver on
the planet lets you break up archives across multiple media. Heck, even
Microsoft .CAB files support this. Also, don't discount thumb drives: I've
seen 64Gb ones at reasonable price points and I'm sure larger ones are on the
way.
> SKS is currently the only viable keyserver in my opinion, I find it a
> bit strange that every peer must have a redundant copy of every key.
There are really only two options here: redundancy or uniqueness. If there's
only one canonical record of each key then it becomes trivial to remove keys
from the network: just take down the keyserver (either through legal threats or
extralegal actions like DDoS, etc.).
If each keyserver has its own record, these hijinks quickly become impractical:
if your given keyserver goes down then you just move on to another keyserver.
Given that neither hard drive space, bandwidth, nor physical media is a
limiting factor... why should we strike redundancy?