Actually my research into Hagrid appears to indicate that it performs the functions of HKP and WKS/WKD. The lack of ability to syncrohnize
On Tue, Jun 22, 2021 at 3:52 PM Andrew Gallagher <andr...@andrewg.com> wrote: > On 22/06/2021 19:28, Kiss Gabor (Bitman) wrote: > > On Tue, 22 Jun 2021, Todd Fleisher wrote: > > > >> This service is deprecated. This means it is no longer maintained, and > new HKPS certificates will not be issued. Service reliability should not > be expected. > >> > >> Update 2021-06-21: Due to even more GDPR takedown requests, the DNS > records for the pool will no longer be provided at all. > > > > Do we establish an other pool with the remaining cca 30 hardcore server? > > Same members, same data, same software. New domain. > > I think the idea of a self-organising pool has fundamental flaws. A > service that arbitrarily redirects your request to a desktop in some > random bedroom (or worse!) is not tenable IMO. I would much prefer if > individual operators were responsible for maintaining the availability > of their own service, and users chose between them based on their own > preference. > > Also, any pool running SKS (the software) would suffer from all the same > reliability and compliance issues that led to the old one being shut > down. I believe we should declare both the SKS codebase and the pool (as > a concept) dead at this point. > > Currently there seem to be three options for SKS operators who wish to > keep running: > > Hockeypuck is maintained and in use by a group of about a dozen nodes > that have been synchronising with the SKS network for some time. It is > more reliable than SKS, and has blacklisting configuration parameters > that allow for easier compliance with GDPR. It does not yet solve all > known abuse and privacy issues, so remains a work in progress. > > Hagrid is mature and reliable, but a) it does not synchronise with > anything, and b) it does not serve third-party signatures. > > The last option is WKS/WKD, which favours a corporate environment. The > tooling and UX on the publication side is immature, but for key lookup, > on sufficiently modern clients, it Just Works. The disadvantages are a) > it only serves keys whose emails are in its own domain, and b) it does > not synchronise with anything by default (but this can be scripted). > > I believe a mixture of WKS and synchronising keyservers will be required > for the foreseeable future. I would encourage SKS operators to migrate > to Hockeypuck and help contribute to its development, so that we can > start to address some of the design issues in recon, without having to > worry any more about backwards compatibility with SKS. :-) > > -- > Andrew Gallagher > >
