[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Sks-devel] Port 80
|
From: |
Kristian Fiskerstrand |
|
Subject: |
Re: [Sks-devel] Port 80 |
|
Date: |
Tue, 26 Jun 2012 11:44:55 +0200 |
|
User-agent: |
Mozilla/5.0 (Windows NT 6.1; WOW64; rv:13.0) Gecko/20120604 Thunderbird/13.0 |
On 2012-06-26 07:49, Kiss Gabor (Bitman) wrote:
> Dear Kristian,
>
> What does column "Port 80" mean on page
> http://sks-keyservers.net/status/ ?
> This cell is red in line "11 keys.niif.hu" however my server _has_
> appropriate web page at http://keys.niif.hu:80 .
Hi,
I didn't realize that you had sent this email to the list when I first
responded, so excuse a little double communication, but it is a good
question that I should elaborate a bit on when first asked.
Port 80 in the status page is showing a valid inclusion in the p80
sub-pool[1]. The primary purpose of this is to facilitate key lookups
also for users that are behind, usually, corporate firewalls blocking
port 11371. As such this pool will be used with the
http://keyserver[:80] specification in --keyserver or conf file.
As such, it is not only sufficient that a website exist on port 80, but
it has to conform to the HKP draft, most notably
"port80 will have to be available directly on the keyserver
address, so that it can be accessed as /pks/lookup?op=get
See [0] Section 3 "Requesting Data From A Keyserver
Keyserver requests are done via a HTTP GET URL that encodes the
request within it. Specifically, the abs_path (see [2], section
3.2) is built up of the base request "/pks/lookup", followed by any
variables. Arguments are passed through the usual means as
specified in [3], section 8.2.2. The variables may be given in any
order. Keyservers MUST ignore any unknown variables."
As such, the test for port 80 availability is a successful download of a stats
page ?op=stats - if this is not available, port 80 will not be considered, as
that would remove the benefit for the pool.
[0] http://tools.ietf.org/html/draft-shaw-openpgp-hkp-00
[1] http://sks-keyservers.net/overview-of-pools.php
--
----------------------------
Kristian Fiskerstrand
address@hidden
http://www.sumptuouscapital.com
Twitter: @krifisk
----------------------------
Corruptissima re publica plurimæ leges
The greater the degeneration of the republic, the more of its laws
----------------------------
This email was digitally signed using the OpenPGP
standard. If you want to read more about this
The book: Sending Emails - The Safe Way: An
introduction to OpenPGP security is now
available in both Amazon Kindle and Paperback
format at
http://www.amazon.com/dp/B006RSG1S4/
----------------------------
Public PGP key 0xE3EDFAE3 at http://www.sumptuouscapital.com/pgp/
signature.asc
Description: OpenPGP digital signature
- [Sks-devel] Port 80, Kiss Gabor (Bitman), 2012/06/26
- Re: [Sks-devel] Port 80,
Kristian Fiskerstrand <=