Re: Building SKS on Alpine Linux 3.12 with ocaml 4.08

[Jeremy T. Bouse]

So I've spent the weekend working on my SKS Docker image build... The repo is available at https://github.com/UGNS/sks-docker and the image itself is available at https://hub.docker.com/r/jtbouse/sks

I'd welcome some further sets of eyes on it. I've ran several tests against it all weekend with keydumps from https://mirror.cyberbits.eu/sks/dump/ and https://sks.pod02.fleetstreetops.com/dump/2020-10-15/ after I had some initial Seg Fault issues during the key import step. I've got a couple patches applied based on works I was able to pull together from various sources in an attempt to clean up the build and harden the deployment.

Next step is to work on my Terraform deployment now that I have the image rebuilt and seemingly working without issues. Once I get it up and running I'll be looking to find some peers again.

On Fri, Oct 16, 2020 at 12:42 PM Todd Fleisher <todd@fleetstreetops.com> wrote:

On Oct 16, 2020, at 08:46, Skip Carter <skip@taygeta.com> wrote:

What are the characteristics of a poison key ?

A large number of bogus 3rd party signatures applied to the public key and uploaded to the network

What makes it bad ?

The key size becomes too large for GPG to process it

I wonder if there is an algorithmic way to deal with them instead of a
blacklist.

This has been discussed to death on the list previously. Check the archives if you’d like more info. The short answer is no due to a lack of development resources. GNUPG has already mitigated against this by stripping 3rd party signatures & numerous GPG implementations have also moved to keys.openpgp.org as the default keyserver in response to this issue.

-T

--
Dr Everett (Skip) Carter  0xF29BF36844FB7922
skip@taygeta.com

Taygeta Scientific Inc
607 Charles Ave
Seaside CA 93955
831-641-0645 x103