Re: [Sks-devel] [GnuPG-users] sks-keyservers.net: Changes to pools / SRV

sks-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Sks-devel] [GnuPG-users] sks-keyservers.net: Changes to pools / SRV

From:	Kristian Fiskerstrand
Subject:	Re: [Sks-devel] [GnuPG-users] sks-keyservers.net: Changes to pools / SRV Weights
Date:	Sun, 13 May 2012 23:09:38 +0200
User-agent:	Mozilla/5.0 (Windows NT 6.1; WOW64; rv:11.0) Gecko/20120312 Thunderbird/11.0

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

On 2012-05-13 22:33, Phil Pennock wrote:

> I remain tempted to drop the IPv4 record from sks.spodhuis.org,
> leaving the client hostname as IPv6-only; one day, when I need to
> reclaim that IPv4 address, I will do so, but not just yet.  I'm
> pleased at the spread of IPv6 support in the SKS network.  When I
> do reclaim the IPv4, I'll probably split sks/sks-peer to two
> different IPv6 addresses and set up appropriate packet-filtering on
> the v6 address, so that peering can remain up even in the face of
> DoS against the service address, provided my link doesn't
> saturate.

I forgot to comment on this part in my previous message,

Currently the pool force a IPv4 lookup for the availability of the
server (line 118 in [0]), which is used for HKP availability. Reason
for this is that I do a separate connection check for IPv6 afterwards.
But for IPv6 only servers, I'd have to add a separate IPv4 only check
as well. If this is wanted/required I'll do so, but it doesn't match
the current setup.

[0]
http://code.google.com/p/sks-keyservers-pool/source/browse/trunk/sks-keyservers.net/status-srv/sks_get_peer_data.php

- -- 
- ----------------------------
Kristian Fiskerstrand
http://www.sumptuouscapital.com
Twitter: @krifisk
- ----------------------------
Corruptissima re publica plurimæ leges
The greater the degeneration of the republic, the more of its laws
- ----------------------------
This email was digitally signed using the OpenPGP
standard. If you want to read more about this
The book: Sending Emails - The Safe Way: An
introduction to OpenPGP security is now
available in both Amazon Kindle and Paperback
format at
http://www.amazon.com/dp/B006RSG1S4/
- ----------------------------
Public PGP key 0xE3EDFAE3 at http://www.sumptuouscapital.com/pgp/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.19 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQIcBAEBCAAGBQJPsCMSAAoJEBbgz41rC5UIrSAQAIpGaQ8ZCkIMvMd9kNZqRqBb
1IxDGXDSGQ4Exw9AoInIRpOOuL5jAUMiXt0kenYVQ0szPGxeeU3hPqTyrlIiB9sT
Puw1eacxlQNn6uaqeEl/vt2zIA94sAV4LWM2OQhySHTknxKvqMmUJgSG5N6JqsJS
XxeUIzXTY4dRsaZgjDKLVJNBJPvPoC/m+MF/SmAsKyWlGPT+YKJTqPooDzbzBi9J
HliIzdT32PgXclzNaHy00lt61xxhsoKJ29DD8WJ35Ao7oVhkPdljbMrOrQC/osq/
9xWz1gLYhOdhbDEuQGg53mFadY/SW/GM2PH1uMtAnuEMCHaGZVPcbAfAoAAlSetU
MOBr6pemqF7W0QtDdhHCtiO0r6D8R4kedPruU13d5eryJWizm3SFJzdWzCMEBHQ6
ghNZcT3uEUjOssVIsZ0xrMJEa4OG4OVqVpZ8Iipf80518P6GPz7ocEUNoZwvXQZp
B1SN1yV4fOVJYPloJo8xW/96oDkCFpgKE/QCUrS7yR+bbANlcoglFcpfe5cNRBpp
N8eezptrk9ALpL+siHy+06Z7cKz9l8E+uK57JoYSNWxkeZ42rYVOhO9yoY4pURg3
PxcYOr+v6ejcOimlKB3Alq3KrhnniiPFIlF2JpMrrjWRILalRh5Ehj2cw3uuPtkS
De0DAkaQrDq4b57odwvT
=4BFO
-----END PGP SIGNATURE-----

[Prev in Thread]

Current Thread

[Next in Thread]

Re: [Sks-devel] [GnuPG-users] sks-keyservers.net: Changes to pools / SRV Weights, (continued)

Prev by Date: Re: [Sks-devel] Debian binary replacement
Next by Date: Re: [Sks-devel] Debian binary replacement
Previous by thread: Re: [Sks-devel] [GnuPG-users] sks-keyservers.net: Changes to pools / SRV Weights
Next by thread: [Sks-devel] New Debian Binary Replacement
Index(es):
- Date
- Thread