Re: [Sks-devel] acceptable search input format

David Shaw wrote: > On Jun 4, 2014, at 4:52 AM, kwadronaut wrote: > >> Hi, >> >> I noticed that the search for keys in the web fronted is picky in its >> input. Some that should work (in my opinion) don't. I double checked >> with 'How to specify a uid' in gnupgs documentation [1]. Is there any

Re: [Sks-devel] Debian SKS Upgrad Problem - Bdb.DBError

d Ronny Wagner wrote: > Hallo Tobias and John, > > Server 01 > I do a rebuild from a keydump, but its very slowly (/usr/sbin/sks build > /var/lib/sks/dump/*.pgp -n 2 -cache 100) rebuilding kdb is not so great an idea as the problem was most likely in PTree. running pbuild to build a new PTree is

Re: [Sks-devel] Debian SKS Upgrad Problem - Bdb.DBError

Ronny Wagner wrote: > Dear Community, > > i upgrade my two sks server from squeeze to wheezy with sks 1.1.4 (wheezy > backport). > > After the update, I become following failed message: > Requesting 2 missing keys from , starting > with 61AA86A0328D7DF39FC96E13B0A18B83 > 1 keys received > Ctrl-C.

Re: [Sks-devel] Debian SKS Upgrad Problem - Bdb.DBError

Ronny Wagner wrote: > Dear Community, > > i upgrade my two sks server from squeeze to wheezy with sks 1.1.4 (wheezy > backport). > > After the update, I become following failed message: > Requesting 2 missing keys from , starting > with 61AA86A0328D7DF39FC96E13B0A18B83 > 1 keys received > Ctrl-C.

Re: [Sks-devel] Encrypt.to searching for beta users

ad...@pgpkey.org wrote: > Thanks John, You're welcome. Please don't CC me on replies to the list, one copy in one inbox is sufficient. >> >> NB: Those wishing to try the code and query their own keyserver need to be >> running my latest trunk. The patch adding the header that OpenJS needs to be >

Re: [Sks-devel] Encrypt.to searching for beta users

Kristian Fiskerstrand wrote: > Granted this whole discussion probably belongs somewhere else, but > since we're first on the topic, let me chime in my two cents. > > First of all, any encryption done in a browser will at least have to > be done in a browser extension that does not auto-update. One

Re: [Sks-devel] IPv4 vs. IPv6? -- Reconciliation attempt from unauthorized host, but host is authorized

Daniel Kahn Gillmor wrote: > On 11/27/2013 04:30 PM, Phil Pennock wrote: >> On 2013-11-27 at 12:57 -0500, Daniel Kahn Gillmor wrote: >>> i'm running sks 1.1.4 on Debian GNU/Linux, wheezy, amd64 (x86_64) >>> platform. >>> >>> I see the following situation in the logs of the recon process (this is >>

Re: [Sks-devel] Seeking for gossiping peers for http://sks01.keyhub.io:11371

Todd Lyons wrote: > > Thomas, you are also running version 1.1.1 of the keyserver software. > You will find that some will refuse to peer with you unless you are > running at least 1.1.3. Umm, what does peering have to do with the SKS version that one would refuse to peer with a server running a

Re: [Sks-devel] Peering Request

Rossi Guiliani wrote: > > Hi all, I started a new keyserver on "keyserver.bau5net.com". I have > downloaded a dump and currently have 3406311 keys loaded. I am > looking for a peer to help me join the community! > > Thanks! > R. Greetings Rossi, Please see https://bitbucket.org/skskeyserver/s

Re: [Sks-devel] why does SKS have /dev/random open for writing?

John Clizbe wrote: >> > Arghh. cryptokit. (Too many libraries with similar names) > Indeed it is. From src/cryptokit.mli: (** The [Random] module provides random and pseudo-random number generators suitable for generating cryptographic keys, nonces, or challenges. *) module

Re: [Sks-devel] why does SKS have /dev/random open for writing?

John Clizbe wrote: > Daniel Kahn Gillmor wrote: >> hi SKS folks-- >> >> I was just looking at the behavior of sks 1.1.4, and i noticed that it >> seems to have /dev/random open for writing: >> >> 0 zimmermann:~# lsof /dev/random >> COMMAND PID

Re: [Sks-devel] why does SKS have /dev/random open for writing?

Daniel Kahn Gillmor wrote: > hi SKS folks-- > > I was just looking at the behavior of sks 1.1.4, and i noticed that it > seems to have /dev/random open for writing: > > 0 zimmermann:~# lsof /dev/random > COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME > sks 742 debian-sks3w

Re: [Sks-devel] SKS should not accept or propagate User IDs with no self-sigs [was: SKS should not accept or replay non-exportable certifications]

Daniel Kahn Gillmor wrote: > Hi John, all-- > > On 09/14/2013 09:46 PM, John Clizbe wrote:. > > clearly i think that such data should neither propagate on the > keyservers nor be accepted or transmitted by the clients. Both sides of > the transaction should be actively

Re: [Sks-devel] SKS should not accept or replay non-exportable certifications

Daniel Kahn Gillmor wrote: > On 09/14/2013 05:00 PM, Robert J. Hansen wrote: > [dkg wrote]: >>> > I have told numerous people that the keyserver network will not >>> > propagate local signatures. >> >> This is true. > > No, unfortunately, it is not true in any way for SKS 1.1.4 (and probably > ea

Re: [Sks-devel] SKS should not accept or replay non-exportable certifications

Daniel Kahn Gillmor wrote:> > Someone™ (0x75D292D353ADACCD) made a non-exportable certification on > your user ID "John P. Clizbe " > (2048R/0x2313315C435BD034). Someone else uploaded that key to a > keyserver (ok, i admit it was me :P). The keyserver network is > currently propagating that non-e

Re: [Sks-devel] SKS should not accept or replay non-exportable certifications

Phil Pennock wrote: > On 2013-09-12 at 19:40 -0400, Daniel Kahn Gillmor wrote: >> While this seems like it is probably a fixable bug for someone who knows >> their way around the codebase, I forsee problems with synchronizing the >> pool, if some SKS keyservers start following the spec and others r

Re: [Sks-devel] [PATCH] add fingerprint line to machine readable output

Stefan Tomanek wrote: > Dies schrieb John Clizbe (jpcli...@gingerbear.net): >> 2012-10-27: Fixes for machine-readable indices. >> >> Key expiration times are now read from self-signatures on the key's UIDs. >> (KF) >> In addition, instead of 8-digit key

Re: [Sks-devel] [PATCH] add fingerprint line to machine readable output

Stefan Tomanek wrote: > With this change, an additional line is appended to each search result when > using the machine readable output. This line is prefixed with "fpr:" and > contains the fingerprint of the key returned, making it possible to > distinguish > keys from each other before downloadi

Re: [Sks-devel] Raising Sys.Break -- PTree may be corrupted: Failure("add_to_node: attempt to reinsert element into prefix tree")

Christoph Anton Mitterer wrote: > Hi. > > As mentioned previously I'm in the process of migrating/re-installing my > SKS instance at much better machine... > > I run SKS 1.1.3 from Debian sid (which has BDB 5.1, IIRC). > > Just for trying, I dumped the keydb from my old server, and made a full >

Re: [Sks-devel] Fake keys and removal thereof

NimbleSec SKS Admin wrote: > Hi all, > > I have a couple of quick noobish questions... > > I noticed this tweet: > https://twitter.com/abditum/status/352271467196588035 > > It refers to a key retrieved from pgp.mit.edu that the keyserver is > not allowing removal of. I noticed it was also avai

Re: [Sks-devel] Submitting keys via email

Stefan Parviainen wrote: > On 06/29/2013 01:17 AM, Phil Pennock wrote: >> If you're modifying code to add support for this, you should consider >> just adding keyserver support, it's a very simple HTTP POST and there >> are resilient pool addresses to help. > That would be the ideal, of course. Ho

Re: [Sks-devel] Submitting keys via email

Stefan Parviainen wrote: > Hi all, > > Is it possible for a user to submit their public key to a keyserver via > email? I've seen some references to this being possible (and besides, > isn't the whole key exchange between servers email based?) but haven't > found anywhere exactly how to do it. >

Re: [Sks-devel] Bdb.DBError("BDB2034 unable to allocate memory for mutex; resize mutex region")

Frank de Bot wrote: > Hello, > > Often my SKS servers stops working. In the log I see this last line: > Bdb.DBError("BDB2034 unable to allocate memory for mutex; resize mutex > region") > > I run a FreeBSD 8.1 (x64) server with these versions: > > SKS version 1.1.4 > Compiled with Ocaml version

Re: [Sks-devel] backup and restore database

Rafael wrote: > We have here a local SKS only for local users, how can I backup and restore > all public keys from my server?? When I first read the subject I thought, "Why, unless it's for local use only?" Backup --> sks dump Restore/Creation --> sks build, followed by sks clean and sks pbuild.

Re: [Sks-devel] Disunitedstates.com: DB_AUTO_COMMIT may not be specified in non-transactional environment on build

David Benfell wrote: > Hi all, > > Ick. This is proving more difficult than I expected. > > Trying to dump the database on the old server yielded some kind of > database error, with the suggestion to run recovery. I couldn't find > how to do a recovery, so I just copied the latest dump from > pra

Re: [Sks-devel] Upgrading to 1.1.3 Through Debian Backports

Christoph Egger wrote: > Moin! > > John Clizbe writes: >> Patrick R McDonald wrote: >>> I would like to upgrade my sks on Debian Squeeze from 1.1.1 to 1.1.3 >>> using Debian backports. Is there anything of which I need to be aware >>> when making this u

Re: [Sks-devel] Upgrading to 1.1.3 Through Debian Backports

Patrick R McDonald wrote: > All, > > I would like to upgrade my sks on Debian Squeeze from 1.1.1 to 1.1.3 > using Debian backports. Is there anything of which I need to be aware > when making this upgrade? if your 1.1.3 is linked with the same version of Berkeley DB as your 1.1.1, there should be

Re: [Sks-devel] Keyserver operators with reverse proxies: read this please

Phil Pennock wrote: > Folks, > > We now have two separate issues affecting SKS (and GnuKS) keyservers > which have nginx or Apache in front of them, affecting interop > compatibility with various versions of GnuPG (and other clients) as > deployed. > > Even as changed clients roll out, we can exp

Re: [Sks-devel] Peering wiki text updated

Phil Pennock wrote: > > If someone has a current good example of Apache config for this, we > should add that too. Using this on both servers, ports 80 & 11371 ServerName keyserver.example.net ServerAlias pool.sks-keyservers.net *.pool.sks-keyservers.net ServerAlias keys.gnupg.ne

Re: [Sks-devel] keyserver.rainydayz.org back up

Andy Ruddock wrote: > Kristian Fiskerstrand wrote: >> On 02/19/2013 06:19 PM, Andy Ruddock wrote: >>> mid-December, so tried copying that but ran into "out of space >>> for mutex" errors each time I tried to start sks - even after >>> running "sks cleandb". sks cleandb doesn't address this, it onl

Re: [Sks-devel] keyserver.rainydayz.org peering request

iles for the status directory then grep for my server name. Kristian makes it much easier. > I'd still like to extend my request for new peers. You should already have gingerbear.net. You're welcome to add keyservers.net keyserver.gingerbear.net 11370 # John Clizbe 0xD6569825 s

Re: [Sks-devel] unable to allocate memory for mutex; resize mutex region [sks ubuntu/oneiric]

Moritz Rudert (helios) wrote: > On 02/21/2012 06:02 PM, H.-Dirk Schmitt wrote: >> Hello! >> >> After upgrading from ubuntu/natty to ubuntu/oneiric sks stop working >> with the error message >> "unable to allocate memory for mutex; resize mutex region" in db.log. >> >> If someone else runs in this p

Re: [Sks-devel] reconciliation request and a little "hello"

Jakob Rößler wrote: > Hello list, > > I just subscribed to this mailing list and wanted to say "hello" to you > guys. > Furthermore I want to request you to find somebody who agrees to > reconcile his sks database with mine. Hello Jakob, Welcome. There is an informal protocol we have for peeri

Re: [Sks-devel] Wrong key fetched?

Christoph Egger wrote: > Hi! > > Something weird happening when fetching 0xE33EC63DF983 -- it gets > 0x9CDF568F which doesn't even have a subkey called 0xE33EC63DF983 as > far as I can see. Anyone knows what's going on? > > Regards > > Christoph > It's a subkey according to a verb

Re: [Sks-devel] odd

folkert wrote: >> > Could you please post, HOW you're uploading? Say, what exactly are you >> > doing? >> >> What I do is: >> gpg --keyserver 172.29.0.11 --send-key C4739D2D >> gpg --keyserver wwwkeys.pgp.net --send-key C4739D2D >> gpg --keyserver subkeys.pgp.net --send-key C4739D2D >> gpg --keyse

Re: [Sks-devel] DNS change for keyserver.borgnet.us

Scott Grayban wrote: > The IPv4 for keyserver.borgnet.ushas changed. Everyone using my sks keyservers > peering needs to flush your dns cache so the new IP gets updated. > > Kristian please flush your servers cache as well so that > http://sks-keyservers.net/status/info/keyserver.borgnet.us starts

Re: [Sks-devel] throttle lookups? / multihomed server

Stephan Seitz wrote: > Hi guys, > > after a quick peek into my sks logs (without a particular reason ;) ), I > found a few interestingly huge blocks of lookup requests. These > unusual(?) amounts of lookups were requested en-bloc by a single IP. > > Sometimes single IPs were requesting upto a few

Re: [Sks-devel] Idea: dump should create keycount.txt

Phil Pennock wrote: > On 2012-11-07 at 17:45 -0600, John Clizbe wrote: >> Rather than add a new file to the dump process, why not just improve the >> inadequate output that goes into dump.log? > > Because that then needs to be parsed by a tool to extract only the most > r

Re: [Sks-devel] Idea: dump should create keycount.txt

Kristian Fiskerstrand wrote: > On 11/07/2012 02:36 AM, Phil Pennock wrote: >> What do folks think of the idea of having "sks dump" also create a file >> called [prefix]keycount.txt ? >> >> That way, folks who make dumps available will have a really easy way to >> also make a count of the keys avai

Re: [Sks-devel] new keyserver

Phil Pennock wrote: > On 2012-11-06 at 18:18 +, Ronny Wagner wrote: >> I have a new keyserver running and would like to peer with other >> servers. Please add me to your 'membership' file with the following >> entry and provide your details in return so I can do the same: > > SKS does not effi

Re: [Sks-devel] new keyserver

Ronny Wagner wrote: > Hi All, > > I have a new keyserver running and would like to peer with other > servers. Please add me to your 'membership' file with the following > entry and provide your details in return so I can do the same: > > keys-01.licoho.de 11370 > You already have one of my ser

Re: [Sks-devel] 16-digit keyid with machine-readable output

k clair wrote: > Hello, > > I can't find anywhere that this is documented: Is there a way to > get the machine-readable output of a search to return the 16-digit > keyid rather than the 8-digit keyid? The machine-readable index code is pretty simple and direct. There aren't really any options o

Re: [Sks-devel] 16-digit keyid with machine-readable output

David Shaw wrote: > On Oct 25, 2012, at 4:50 PM, John Clizbe wrote: >> Kristian and I were discussing this exact item yesterday. From my reading >> of [1], I think 16-digit key IDs should be returned in the mr index. I >> /think/ Kristian may also be thinking that way.

Re: [Sks-devel] 16-digit keyid with machine-readable output

Phil Pennock wrote: > On 2012-10-25 at 15:50 -0500, John Clizbe wrote: >> Kristian and I were discussing this exact item yesterday. From my reading of >> [1], I think 16-digit key IDs should be returned in the mr index. I /think/ >> Kristian may also

Re: [Sks-devel] 16-digit keyid with machine-readable output

Phil Pennock wrote: > On 2012-10-25 at 12:42 -0700, k clair wrote: >> I can't find anywhere that this is documented: Is there a way to >> get the machine-readable output of a search to return the 16-digit >> keyid rather than the 8-digit keyid? > > Not at present. It would require code changes,

Re: [Sks-devel] expiration date in machine readable results

Daniel Kahn Gillmor wrote: I think it's doable. Compare http://keyserver.gingerbear.net/pks/lookup?search=0x83EB2E0A&fingerprint=on&op=index and http://keyserver.gingerbear.net/pks/lookup?search=0x83EB2E0A&fingerprint=on&op=vindex Presently, &options=mr returns the same for either op value, in

Re: [Sks-devel] The Arch User Repository version of SKS has supposedly been updated

kristian.fiskerstr...@sumptuouscapital.com wrote: > Hi Christian, > > If switching between DB versions, this should be fine by following the UPGRADING instructions in the source/wiki. You need to make sure your Berkeley DB install also has the utility programs available, specifically db_recover a

Re: [Sks-devel] sks.pkqs.net moved again

Stephan Beyer wrote: > Hi, > > please touch your membership files to note SKS about changes; > sks.pkqs.net IP changed from 88.198.41.86 to 213.133.103.71. > > The recon.log tells me that it is already syncing with some servers. > Is touching not required any longer in recent SKS versions? Touch

Re: [Sks-devel] Newbie question about the /pks/lookup?op=stats page

Stephan Seitz wrote: > Hi, > > it looks like you've got files with wrong permissions (i suspect wrong owner). > > To generally avoid this, I'ld suggest to always work with the non-privileged > user. > Just a wild guess: You tried to start sks-recon and/or sks-db as root. Now > it's running with

Re: [Sks-devel] New Keyserver

rt 0x4941485B > > Thanks > Moritz Rudert Hello Moritz, Your server was never removed from mine. In case you need my membership info again: keyserver.gingerbear.net 11370 # John Clizbe 0xD6569825 sks.keyservers.net 11370 # John Clizbe 0xD6569825 -John PS: Anyone seeking ad

Re: [Sks-devel] Fwd: Request for SKS gossip peers

Andreas Thulin wrote: > All right, > > those were really good tips - the build actually looks like it's working now > (since I get the expected output). I've done this a few times :-) > Am I right when assuming that I need to run > > # /usr/sbin/sks cleandb > > and then > > # /usr/sbin/sks pb

Re: [Sks-devel] Request for SKS gossip peers

Andreas Thulin wrote: > My bad, I sent my e-mail to the wrong receiver... > > Also, a correction: I'm running sks version 1.1.3. > > Please see below. > > /A > > 2012/9/9 Andreas Thulin > > > Hi! > > I'm running Ubuntu 12.04 (64 bit) on an Asrock Ion

Re: [Sks-devel] Request for SKS gossip peers

Andreas Thulin wrote: > Hi! > > Thanks for good advice, I'll get back on getting a dump immediately. Trouble > is I tried and failed a couple of times with building the DB, and the sks > binary doesn't really give any useful feedback on what I'm doing wrong. > > Would you say an e-mail to the sk

Re: [Sks-devel] new keydump source

Jeffrey Johnson wrote: > > On Aug 17, 2012, at 2:31 PM, Jason Harris wrote: > >> Have any of the OCaml hackers ever thought about dumping keys in >> keyid (v. SKS hash) order? That would make less deltas when using >> rsync. Each keydump file would then have a set range of keys, e.g., >> sks-d

Re: [Sks-devel] Bdb Error during sks dump

Stephan Seitz wrote: > Hi there, > > running sks 1.1.3 i noticed reproducable db errors when trying to access > sks-db during sks dump. > It always results in: > > Error handling request. Exception raised: Bdb.DBError("PANIC: fatal > region error detected; run recovery") > > I didn't find much u

Re: [Sks-devel] hg repo existence etiquette post-merge?

Phil Pennock wrote: > While I've used git/hg a bit, before today I hadn't dealt with creating > server-forked repos and issue pull requests. > > That part of the process is clean and simple. But none of the docs I'm > finding describe what happens *next*, how do you clean up? Just delete it if y

Re: [Sks-devel] RPoxy + port 80 -- Apache 2.4

Stefano Rivera wrote: > Hi Kristian (2012.07.26_20:27:50_+0200) >> Try adding: Header set Server Apache to the config. > > IIRC it needs to be lower-case "apache". > > http://code.google.com/p/sks-keyservers-pool/source/browse/trunk/ > sks-keyservers.net/status-srv/sks.inc.php#337 I copied Apach

Re: [Sks-devel] recon outage on zimmermann.mayfirst.org

Daniel Kahn Gillmor wrote: > hey folks-- > > it looks like the sks recon process on zimmermann.mayfirst.org > (a.k.a. keys.mayfirst.org) stopped about 10 days ago: > > 2012-07-16 05:28:34 Raising Sys.Break -- PTree may be corrupted: > Bdb.DBError("unable to allocate memory for mutex; resize mutex

Re: [Sks-devel] sks dumps

Stephan Seitz wrote: > Hi there, > > I'm going to create weekly or daily (currently undecided) dumps of the > sks-db. There really is not enough churn to justify a daily dump > If I'ld offer that dumps for download, is there some best-practice how > the URL should look like and how to offer them

[Sks-devel] RPoxy + port 80 -- Apache 2.4

I'm trying to get the headers to work correctly for Apache 2.4. I have Apache listening on ports 80 & 11371. SKS is on port 11372 The vhost in httpd.conf is ServerName keyserver.gingerbear.net ServerAdmin jpcli...@gingerbear.net Order deny,allow Allow from all

Re: [Sks-devel] How to purge excess log files?

Brian D Heaton wrote: > > On 7/12/2012 10:08 PM, David Benfell wrote: >> On 07/12/12 00:36, Kristian Fiskerstrand wrote: >> >>> FYI; The current trunk has a pull request at the moment where KDB >>> and PTree is set up with DB_CONFIG files if they are found in the >>> basedir (DB_CONFIG.[KDB|PTree

Re: [Sks-devel] [patch] Clocks and VMs

John Clizbe wrote: > Phil Pennock wrote: >> >> On 2012-05-31 at 11:51 -0500, John Clizbe wrote: >>> I'm looking forward to trying out this patch on Windows >> >> Were you able to do so? Did this make SKS tenable on Windows? > > Stymied by a linki

[Sks-devel] keyservers.org connectivity restored (Was: keyservers.org downtime)

Robert J. Hansen wrote: > Due to a catastrophic set of thunderstorms that have hammered public > utilities in the DC area, keyservers.org is experiencing prolonged > downtime. I don't expect it to be operational for the next couple of > days, and the downtime may extend more than a week. My apolo

Re: [Sks-devel] [patch] Clocks and VMs

Phil Pennock wrote: > > On 2012-05-31 at 11:51 -0500, John Clizbe wrote: >> I'm looking forward to trying out this patch on Windows > > Were you able to do so? Did this make SKS tenable on Windows? Stymied by a linking error. Working on some features Kristian and I have

Re: [Sks-devel] sks (fast)build memory/cache problem

Stephan Beyer wrote: > On 01.07.2012 04:29, Stephan Beyer wrote: >> Interestingly, if I take a look into merge.log now, I can see: >> >> 2012-07-01 04:13:03 Fatal database error: Bdb.DBError("BDB2034 unable to >> allocate memory for mutex; resize mutex region") >> 2012-07-01 04:13:03 closing datab

Re: [Sks-devel] keyservers.org downtime

Brian D Heaton wrote: > Robert, > > Depending on whether or not the cell sites have generators in addition > to their battery banks, that 4G service may get spotty soon. When we > went through the "Snowpocalypse" up here in the PAC-NW early this year > the cell sites started dieing in the rural a

Re: [Sks-devel] Non-trivial HTTP server config

Kristian Fiskerstrand wrote: > On 2012-06-26 20:49, Kiss Gabor (Bitman) wrote: >> Dear Johan, >> >> Kristian Fiskerstrand wrote: > ... >> Just for curiosity I entered URL http://p80.pool.sks-keyservers.net:80 >> in my browser as written on page >> http://sks-keyservers.net/overview-of-pools.php. >>

Re: [Sks-devel] DisUnitedStates.com down; Re: DB_ENV->set_lk_detect: unknown deadlock detection mode specified

Christoph Egger wrote: > Hi! > > Daniel Kahn Gillmor writes: >>> Backports of newer Berkeley DB "work" too, and likely >>> have some other usage cases than SKS because of bdb+sqlite3 API. >> >> right, this is one other path i considered, but i don't really want to >> have to maintain a bdb backpo

Re: [Sks-devel] Min. Requirement for SKS Version in the Pool

Jeffrey Johnson wrote: > > On Jun 25, 2012, at 10:24 AM, Phil Benchoff wrote: > >> On Sun, Jun 24, 2012 at 09:20:07PM +0200, Kristian Fiskerstrand wrote: >>> As of *1. August 2012* I intend to change the minimum version for >>> qualification in the pool to 1.1.3. >> >> Our keyserver runs on Cent

Re: [Sks-devel] Min. Requirement for SKS Version in the Pool

Phil Benchoff wrote: > On Sun, Jun 24, 2012 at 09:20:07PM +0200, Kristian Fiskerstrand wrote: >> As of *1. August 2012* I intend to change the minimum version for >> qualification in the pool to 1.1.3. > > Our keyserver runs on Centos 5.7. The distribution BDB is 4.3.29 and we > have ocaml 3.12.0

Re: [Sks-devel] DisUnitedStates.com back up. Hopefully.

David Benfell wrote: > Hi all, > > This was much more of an adventure than I was expecting. I *think* > disunitedstates.com is back up. > > I built from source, so I don't have a web page however. Who has a > nice one I can steal/borrow/rob/beg? sampleWeb directory that came with the source sta

Re: [Sks-devel] DisUnitedStates.com down; Re: DB_ENV->set_lk_detect: unknown deadlock detection mode specified

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1,SHA256 Christoph Egger wrote: > Hi! > > John Clizbe writes: >> David Benfell wrote: >>> On 06/25/12 01:15, John Clizbe wrote: >> FWIW, I believe the current debian package for 1.1.3 is using 4.7 > > The 1.1.1 pa

Re: [Sks-devel] DisUnitedStates.com down; Re: DB_ENV->set_lk_detect: unknown deadlock detection mode specified

David Benfell wrote: > On 06/25/12 01:15, John Clizbe wrote: >> db_4.6_checkpoint -1h . > > Sorry, thunderbird's quoting is broken, but: > > atlanta# pwd > /var/lib/sks/DB > atlanta# db4.6_recover -h . > db4.6_recover: unable to join the environment > db4.

Re: [Sks-devel] DisUnitedStates.org down; Re: DB_ENV->set_lk_detect: unknown deadlock detection mode specified

David Benfell wrote: > Hi again, > > On 06/25/12 00:08, John Clizbe wrote: >> db_stat -h . -e|head > > This is not looking good: > > atlanta# pwd > /var/lib/sks > atlanta# cd DB > atlanta# db_stat -h . -e|head > db_stat: BDB1538 Program version 5.

Re: [Sks-devel] DB_ENV->set_lk_detect: unknown deadlock detection mode specified

David Benfell wrote: > Hi John, > > On 06/24/12 23:54, John Clizbe wrote: >> db_recover -h DB > > It says: > > atlanta# db4.6_recover -h DB > db4.6_recover: Unacceptable log file DB/log.002109: unsupported > log version 19 > db4.6_recover: Invalid log fi

Re: [Sks-devel] DB_ENV->set_lk_detect: unknown deadlock detection mode specified

David Benfell wrote: > On 06/24/12 23:08, David Benfell wrote: >> On 06/24/12 23:01, John Clizbe wrote: >>> set_lk_detect DB_LOCK_DEFAULT > >> I don't seem to have a file by the name DB_CONFIG > > I found DB_CONFIG in the sample configuration in

Re: [Sks-devel] Min. Requirement for SKS Version in the Pool

Daniel Kahn Gillmor wrote: > On 06/25/2012 02:16 AM, John Clizbe wrote: >> After Christoph's last email re mutex_set_max I checked my own databases, >> both >> of which were set to 64K. PTree was almost equally split between in-use and >> free. KDB was very clos

Re: [Sks-devel] Min. Requirement for SKS Version in the Pool

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1,SHA256 Christoph Egger wrote: > Hi! > > Daniel Kahn Gillmor writes: >> On 06/25/2012 12:44 AM, Kristian Fiskerstrand wrote: >>> Please let me know if we should push the timeline some for the 1.1.2 >>> minimum to get more time for testing, as origina

Re: [Sks-devel] DB_ENV->set_lk_detect: unknown deadlock detection mode specified

David Benfell wrote: > On 06/24/12 22:40, David Benfell wrote: >> However, attempting to start produces the following: > >> DB_ENV->set_lk_detect: unknown deadlock detection mode specified >> zsh: segmentation fault /usr/local/bin/sks cleandb Check DB_CONFIG in the KDB/DB directory for typos

Re: [Sks-devel] SKS 1.1.3 for Debian

1.1.3-1.dsc > to main/s/sks/sks_1.1.3-1.dsc > sks_1.1.3-1_amd64.deb > to main/s/sks/sks_1.1.3-1_amd64.deb > sks_1.1.3.orig.tar.gz > to main/s/sks/sks_1.1.3.orig.tar.gz John Clizbe wrote: > I have exchanged some emails with the Debian SKS maintainer. > > He is almost f

[Sks-devel] SKS 1.1.3 for Debian

I have exchanged some emails with the Debian SKS maintainer. He is almost finished with the packaging and believes he can upload sks-1.1.3 in the next few of days. Once the new package is available, please consider upgraging to 1.1.3 ASAP. Servers running SKS prior to version 1.1.3 run the risk o

Re: [Sks-devel] New Keyserver - Looking for Peers (Gremlins have been vanquished!)

virii wrote: > On 06/18/2012 02:16 AM, PGP-Keymaster (Brian D Heaton) wrote: >> I see you're running the old v1.1.1 release. Have you considered >> upgrading to v1.1.3? There are some nice fixes in there. v1.1.4 is >> still a ways out so stepping up to v1.1.3 is probably a good idea. 1.1.1 isn't

Re: [Sks-devel] Issue Importing Database Dump (Dents in my forehead)

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Brian D Heaton wrote: > John, > > Short version: Made the suggested changes and I'm currently bringing in > keys via "build." Fingers crossed. > > Long version: > I went back to the 1.1.3 release I tried earlier and implemented your > other sugge

Re: [Sks-devel] Issue Importing Database Dump (Dents in my forehead)

Brian D Heaton wrote: > Howdy, I'm Brian and I'm trying to get a keyserver running on a > Rackspace hosted cloud server. Reading the archives about brokenness in > the Ubuntu packages, I've compiled both BDB and SKS from source. > Attempting the full-build, the system deadlocks after reading in

Re: [Sks-devel] GnuKS Fork (was Div.)

;because we can" version and is intended to humiliate and expose the following persons in critical positions and doing little to nothing about SKS in general or about SKS in Debian with the exception of lame ass excuses of course. Gold Medal : Christoph Martin / christoph.mar...@uni-mainz.

Re: [Sks-devel] keyserver.gingerbear.net offlne

erbear.net will be offline until I can get to the local cable office, swap out CPE, and get new cable modem installed and configured. - -John John Clizbe wrote: > Having a night of heavy thunderstorms, it looks like the cable/HSI supplying > keyserver.gingerbear.net took a cable cut ~4:28

[Sks-devel] The Wiki has been moved to BitBucket

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1,SHA256 https://bitbucket.org/jpclizbe/sks-keyserver/wiki/Home Yaron, the link is already set to s/jpclizbe/yminsky/ Wiki syntax is a bit different. See http://wikicreole.org/wiki/Creole1.0 - -John - -- John P. Clizbe Inet: John

Re: [Sks-devel] [patch] Clocks and VMs

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1,SHA256 Phil Pennock wrote: > I do not run with SKS in a VM and have never experienced the clock > problem, so can't test if the attached patch resolves any problems. I > can confirm that I can receive a key from a peer with this code applied. > So it'

Re: [Sks-devel] Bitbucket?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1,SHA256 C.J. Adams-Collier wrote: > No objection aside from never having heard of the bitbucket revision > control system. Any reason you're not considering something git-based? > > Sent from my PDP-11 Other than the name being somewhat offensive in

Re: [Sks-devel] keyserver.gingerbear.net offlne -- Resolved

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1,SHA256 Appears that all is back to normal... for now. - -John John Clizbe wrote: > Having a night of heavy thunderstorms, it looks like the cable/HSI supplying > keyserver.gingerbear.net took a cable cut ~4:28 AM CDT. This is verifiable by >

[Sks-devel] keyserver.gingerbear.net offlne

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1,SHA256 Having a night of heavy thunderstorms, it looks like the cable/HSI supplying keyserver.gingerbear.net took a cable cut ~4:28 AM CDT. This is verifiable by turning on any TV in the house. :-( sks-keyservers.net AT&T U-Verse link is still up and

Re: [Sks-devel] 0xd5920e937cc1e39b shows signatures with 0xca57ad7c continuing?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1,SHA256 Kiss Gabor (Bitman) wrote: >> The easiest solution would be to auto-expire keys after a fixed time >> (a good strategy anyway from a security perspective). > > What about deleting expired signatures from keys? &option=clean in my earlier email

Re: [Sks-devel] 0xd5920e937cc1e39b shows signatures with 0xca57ad7c continuing?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1,SHA256 Jeffrey Johnson wrote: > > On May 30, 2012, at 10:58 PM, John Clizbe wrote: > >> Jeffrey Johnson wrote: >>> >>> Its the expired robo-signatures on existing pubkeys, not >>> the pubkeys, th

Re: [Sks-devel] Bitbucket?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1,SHA256 Yaron Minsky wrote: > John? Seems like you're the main person who I haven't heard a response > from. How do you feel about switching to bitbucket? > Sorry for the late reply, Long weekend at BF's place. And a slew of catch up once I got home.

Re: [Sks-devel] 0xd5920e937cc1e39b shows signatures with 0xca57ad7c continuing?

Jeffrey Johnson wrote: > > Its the expired robo-signatures on existing pubkeys, not > the pubkeys, that need filtering. There is also a need to > delete pubkeys > > Is there a solution that can filter out specific expired > signatures on pub keys that can be gossip'd efficiently? > > AFAIK addit

Re: [Sks-devel] Support per something like pksclient

Giovanni Mascellani wrote: > Hi. > > Il 22/05/2012 20:02, Jens Leinenbach ha scritto: >> Hi, >> >> Why not use this? >> gpg --keyserver $SERVER --recv-keys $KEYID > > I don't want to import the key in a local keyring, I just want to dump > it in the standard output. Then the script pks2wot will

Re: [Sks-devel] Request for testing: Issue 12: options=mr seem to not work with op=get

Kristian Fiskerstrand wrote: > Hi, > > I've made an attempt at solving issue 12: "options=mr seem to not work > with op=get"[0]. > > The original issue report says "While it seems that options=mr > (machine readable) works with the index operation, it seems to not > work with the "get" operation.

[Sks-devel] Changes Available on SKS trunk

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1,SHA256 Thanks to work by Kristian Fiskerstrand, Phil Pennock, and myself the following changes are now available on the SKS trunk: - Fix X-HKP-Results-Count so that limit=0 returns no results, but include the header, to let a client poll for how

Re: [Sks-devel] New Debian Binary Replacement

Gabor Kiss wrote: >> > So, my requests: >> > >> >1. Source code >> >2. Change of name >> >3. An end to all this useless squabbling > >> I would like to support this idea wholeheartedly. > > Me too. Not necessarily in this order. One addition: 4. Remove slanderous^W libelous pe

Re: [Sks-devel] New Debian Binary Replacement

Gabor Kiss wrote: >> > So, my requests: >> > >> >1. Source code >> >2. Change of name >> >3. An end to all this useless squabbling > >> I would like to support this idea wholeheartedly. > > Me too. Not necessarily in this order. One addition: 4. Remove slanderous personal atta

  1   2   3   >