Re: [Sks-devel] Hockeypuck: OpenPGP Key Server, Golang ?

[Yaron Minsky]

Good luck on creating a new keyserver.  A few quick thoughts:

First, it shouldn't be too hard to improve upon SKS.  I'd say the key
weakness of SKS is that it is written in a very naive style without
taking advantage of more modern asynchronous programming toolkits in
OCaml like LWT[1] or Async[2].  I basically rolled my own not very
good event-driven programming model.  (Ah, to be young and foolish)
That means that it basically blocks out when answering a single HTTP
request.  Any vaguely modern toolkit should clean SKS's clock in this
regard.

Second, SKS's communication protocol shouldn't be that hard to grok.
If you read reconMessages.ml and cMarshal.ml, you'll see that messages
are structured quite simply.  Tags are used for separating different
message types.  Substructures are written out by first writing out an
integer size, followed by the contents.

Understanding the messages requires understanding the sync protocol
and the math behind it, which is a bit harder, made more so by the
fact that it never had a clear written specification.  I'm happy to
answer questions, but I'm not going to have time to really dig back in
and understand all the details myself, and it's been a decade since
I've really looked at the code.

Finally, I recommend you think carefully about deletion.  SKS's
protocol does a wonderful job of synchronizing keys, but it doesn't
offer any way of deleting keys.  I think that a well-run keyserver
system should have some mechanism for deleting keys, both by key
owners and by some coalition of administrators.  I've written a few
posts on this list about how to do it, but, again, I can't dedicate
the time to do the work.  (Also, this is as much a social as a
technical question, as you can no doubt imagine.)

Anyway, best of luck.

y

[1]: http://ocsigen.org/lwt/
[2]: https://bitbucket.org/yminsky/ocaml-core/wiki/Home





On Fri, Nov 9, 2012 at 1:18 AM, Casey Marshall <address@hidden> wrote:
> On Wed, Nov 7, 2012 at 11:57 PM, Phil Pennock
> <address@hidden> wrote:
>> Anyone here tracking / aware of Hockeypuck?
>>
>
> Hi Phil & sks-devel,
> I'm the creator of Hockeypuck.
>
>>   https://code.launchpad.net/hockeypuck
>>
>> OpenPGP keyserver, loads dumps made by SKS.  Written in Golang, has
>> backends for PostgreSQL and MongoDB.  Project created 2012-07-20,
>> currently at version 0.5, working on 0.6.
>>
>
> Thanks for the introduction :)
>
> My employer is also hosting an instance at
> http://keyserver.gazzang.net if you'd like to try it out.
>
>> Doesn't _yet_ have inter-keyserver sync, but it's on their todo list:
>>
>>   https://bugs.launchpad.net/hockeypuck/+bug/1044767
>>
>>   "Support keyserver synchronization. Interoperate with SKS gossip
>>    protocols if practical."
>>
>> I stumbled across this while searching Google for something else.
>>
>> Anyone here know anything more about this, or helping out?
>>
>> (For myself: if I had time, I'd love to help out, it would be great to
>>  get two interoperable but independent code-bases)
>>
>
> Help would be most appreciated! I am making progress with
> understanding the SKS sources, but I could really use an explanation
> of the protocol & comparison in layman's terms. The academic papers
> are difficult for me to follow.
>
> It looks like SKS is using a prefix tree to index fingerprints for
> comparison, but how exactly? How do I roll that prefix tree up into a
> recon message, and compare it with the message from another peer?
>
> Contributors are welcome, please direct reply to me if interested.
>
> -Casey
>
> _______________________________________________
> Sks-devel mailing list
> address@hidden
> https://lists.nongnu.org/mailman/listinfo/sks-devel

Good luck on creating a new keyserver.  I don't have much time to h

On Fri, Nov 9, 2012 at 1:18 AM, Casey Marshall <address@hidden> wrote:
> On Wed, Nov 7, 2012 at 11:57 PM, Phil Pennock
> <address@hidden> wrote:
>> Anyone here tracking / aware of Hockeypuck?
>>
>
> Hi Phil & sks-devel,
> I'm the creator of Hockeypuck.
>
>>   https://code.launchpad.net/hockeypuck
>>
>> OpenPGP keyserver, loads dumps made by SKS.  Written in Golang, has
>> backends for PostgreSQL and MongoDB.  Project created 2012-07-20,
>> currently at version 0.5, working on 0.6.
>>
>
> Thanks for the introduction :)
>
> My employer is also hosting an instance at
> http://keyserver.gazzang.net if you'd like to try it out.
>
>> Doesn't _yet_ have inter-keyserver sync, but it's on their todo list:
>>
>>   https://bugs.launchpad.net/hockeypuck/+bug/1044767
>>
>>   "Support keyserver synchronization. Interoperate with SKS gossip
>>    protocols if practical."
>>
>> I stumbled across this while searching Google for something else.
>>
>> Anyone here know anything more about this, or helping out?
>>
>> (For myself: if I had time, I'd love to help out, it would be great to
>>  get two interoperable but independent code-bases)
>>
>
> Help would be most appreciated! I am making progress with
> understanding the SKS sources, but I could really use an explanation
> of the protocol & comparison in layman's terms. The academic papers
> are difficult for me to follow.
>
> It looks like SKS is using a prefix tree to index fingerprints for
> comparison, but how exactly? How do I roll that prefix tree up into a
> recon message, and compare it with the message from another peer?
>
> Contributors are welcome, please direct reply to me if interested.
>
> -Casey
>
> _______________________________________________
> Sks-devel mailing list
> address@hidden
> https://lists.nongnu.org/mailman/listinfo/sks-devel