[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Sks-devel] How much load are keyservers willing to handle?
|
From: |
Arnold |
|
Subject: |
Re: [Sks-devel] How much load are keyservers willing to handle? |
|
Date: |
Thu, 19 Dec 2013 22:39:37 +0100 |
|
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/20131005 Icedove/17.0.9 |
Hi,
On 12/19/2013 02:04 AM, Jason Harris wrote:
> On Wed, Dec 18, 2013 at 10:20:26PM +0000, adrelanos wrote:
>> Writing that script would be much simpler if it could re-use the
>> existing keyserver infrastructure. Now imagine if this gets added to
>> Debian, that all users of Debian and all its derivatives will always
>> refresh their signing key against keyservers? Could keyservers cope up
>> with the load?
>
> 1) setup your own DNS so you can shut things off if anything goes wrong!
> (you can use dyn.com or others, no servers required)
Analogue to the NTP pool [1] I would suggest to create special pools within
sks-keyservers.net for vendors, like <vendor>.pool.sks-keyservers.net. This pool
will be equal to the main pool in normal circumstances, but can be modified in
case
of problems. That way "we" stay in control.
[1] http://www.pool.ntp.org/en/vendors.html
Best regards,
Arnold