Re: [Sks-devel] Proposal: Start verifying self-signatures

sks-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Sks-devel] Proposal: Start verifying self-signatures

From:	Daniel Roesler
Subject:	Re: [Sks-devel] Proposal: Start verifying self-signatures
Date:	Sun, 17 May 2015 15:55:33 -0700

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On May 17, 2015, Alain Wolf wrote:
>
> If you have Nginx in front of your SKS, uploads are limited to
> 1 MB by default or 8 MB if you follow Matt Rudes installation
> guide.
>
> SKS itself seems to have a hard-coded 5 MB limit (wserver.ml
> line 174).
>

Limiting upload size won't prevent huge packets from being
inserted into the database (could even be via malicious server
operators in the pool). Is there a limit on the size of keys
that are retrieved via gossip?

Daniel

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBAgAGBQJVWRwuAAoJEOf2+tFy7+49aosQAIKf1yaBHGftKF0/Uyo+MV3H
oBPOf+Nw2T6fNAppuN0vAZVsBqKNiO3mxcNGVbCNzy4T4TccoxeE0gtpqzn7v3XD
+DEvC7LWncl22ZzhViItxZ5rGXBx2YB2XW6Exf3KJAdmGnnjfvtWk26LzPm6hbiz
Q/yv31bVWeQgNKDp5VE1+jiYHqL2StZZ7LnFV9zYZwW+JehwJUKJ1WVeHEauHjac
E4/yOKe1Y3lY16SXgrqNSRTzhhIYHPZ1kUUBLKDGSSeEZnZUcstFmT7KVdl8+5nt
zl2s7YxbtKVX/wWj0NNBytmL2QDNg85k6J+nMGcshLbZU+QYrGhZVZFyfF1okJQc
FTHx01/86SgZTMqdkghRo88Q/+9TTc+D9Fb1pVzQkmYobuInkvzrTitpjqyKhjnu
dh5tAwKIODaa/CcCz/YwI2hWQUf0tPEb+zH3eWkv+yPRfGhSzCTZ4vgYH6UwK9dB
lbahscOL34RjlY1Zf8DtRXng3ULEdmsXdqFt8CTyg021mR/Pn2ZKjyVVhKS4t6w+
Ro3bsFps55MxYWPQJKIdl1iZX9XSAFD6x7nDIwS/o3FscgWE60rlcvZWywY0Y8Ve
gL+NY2aEpZ5NTIDkmgzjDS4rQ2SyNLAWmpBFHSleocsKkQtUEUJpze7ZVey9I25H
7VmCt9zKf26AGawSNFIn
=WNzl
-----END PGP SIGNATURE-----

[Prev in Thread]

Current Thread

[Next in Thread]

[Sks-devel] Proposal: Start verifying self-signatures, Daniel Roesler, 2015/05/17
- Re: [Sks-devel] Proposal: Start verifying self-signatures, Kristian Fiskerstrand, 2015/05/17
  - Re: [Sks-devel] Proposal: Start verifying self-signatures, Daniel Roesler, 2015/05/17
  - Re: [Sks-devel] Proposal: Start verifying self-signatures, Daniel Roesler, 2015/05/17
    - Re: [Sks-devel] Proposal: Start verifying self-signatures, Alain Wolf, 2015/05/17
    - Re: [Sks-devel] Proposal: Start verifying self-signatures, Daniel Roesler <=
    - Re: [Sks-devel] Proposal: Start verifying self-signatures, Robert J. Hansen, 2015/05/17
    - Re: [Sks-devel] Proposal: Start verifying self-signatures, Arnold, 2015/05/18
    - Re: [Sks-devel] Proposal: Start verifying self-signatures, Gabor Kiss, 2015/05/18
    - Re: [Sks-devel] Proposal: Start verifying self-signatures, Daniel Roesler, 2015/05/18
    - Re: [Sks-devel] Proposal: Start verifying self-signatures, Johan van Selst, 2015/05/18
    - Re: [Sks-devel] Proposal: Start verifying self-signatures, Arnold, 2015/05/18
    - Re: [Sks-devel] Proposal: Start verifying self-signatures, Johan van Selst, 2015/05/18
    - Re: [Sks-devel] Proposal: Start verifying self-signatures, Robert J. Hansen, 2015/05/18
    - Re: [Sks-devel] Proposal: Start verifying self-signatures, Daniel Roesler, 2015/05/18
    - Re: [Sks-devel] Proposal: Start verifying self-signatures, Robert J. Hansen, 2015/05/18

Prev by Date: Re: [Sks-devel] HKP and HSTS
Next by Date: Re: [Sks-devel] Proposal: Start verifying self-signatures
Previous by thread: Re: [Sks-devel] Proposal: Start verifying self-signatures
Next by thread: Re: [Sks-devel] Proposal: Start verifying self-signatures
Index(es):
- Date
- Thread