Robert J. Hansen | 20 Apr 01:48 2014

Re: status page

> Du hast scheinbar überlesen dass die Nachricht via Handy getippert wurde

I would suggest doing what I do when I send messages in languages other
than English; turn off autocorrect.

As it happens, I have a copy of Brecht's _Leben des Galilei_ on my
endtable right now.  Not all Americans are dependent on Google
Translate: some of us were exchange students and have not forgotten the
language.  :)

A translation for the list -- human-generated, which means it's not
literal but will hopefully maintain the spirit of his post:

    "You've overlooked that the message was typed on a cell and the
     autocorrect isn't designed for English.  'This message was sent
     from my Android phone via K-9 Mail.'  And because you're just like
     the first poster and aren't engaging with the real issues, you're
     dead to me."

Okay.  Glad we got that straight, Simon.  That said, this list has
always used English as a common language of communication.  Please use
it in the future.

_______________________________________________
Sks-devel mailing list
Sks-devel <at> nongnu.org
https://lists.nongnu.org/mailman/listinfo/sks-devel
Simon Lange | 19 Apr 02:23 2014

Re: status page


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Am 18.04.2014 23:39, schrieb Martin Papik:
>
> By the way, Phil's email explains why it's required, and now I
> understand why it's a true requirement, at least for servers in the
> pool. For non pool servers it doesn't matter.

since i only talked about the pool. well...
phil just proved that he didnt understand anything. however hes not
topic here.

>
> > that STRONGLY depends where you living. i could tell you days
> > filled with stories about really stupid feds seizing servers
> > raiding homes by mistake. never underestimate them and why risking
> > something when its not required to achieve a goal? ;)
>
> Are the German feds stupid and/or aggressive? Or are you referring to
> a different country?

it even depends where in germany you are living. try to avoid berlin. ;)

- -- 
________________________________________________________
Simon Lange Consulting  - Gaudystr. 6  - DE-10437 Berlin
Telefon: +49(0)30/89757206 Mobil: +49(0)151/22640160
- ----------------------------------------http://s-l-c.biz
(Continue reading)

Simon Lange | 18 Apr 22:44 2014

Re: status page

im afraid gpg wont show that while using it. ;)
but for the webinterface its valid. ;)

but i see you understand now my problem. ;)

Simon

Am 18.04.2014 22:38, schrieb Tobias Frei:
> Hi,
>
> simply add "this page is served by keys.s-l-c.biz; I am in no way
> affiliated with other hostnames which might resolve to this IP" or
> something like that to the page then?
>
>
>
> Best regards,
> Tobias Frei
>
> Am 18.04.2014 22:31, schrieb Simon Lange:
>> it gives those "bad ppl" a benefit. because they can pretend
>> running a public service although they dont. and i would passivly
>> support them with my machines doing that. thats a nogo for me.
>>
>> see?
>>
>> Simon
>>
>> Am 18.04.2014 22:26, schrieb Tobias Frei:
>>> Hi,
(Continue reading)

Simon Lange | 17 Apr 01:13 2014

status page

Hi,

im a it supprised. i just stumbled over:
https://sks-keyservers.net/status/info/keys.s-l-c.biz

which says that my keyserver was last seen three days ago. im not
enlisted anymore and the status page cannot even say what server im
running etc etc

im a bit wondered. why?
i can reach it via 11370 11371 and 443

proof?
simon <at> entertain:~$ gpg --keyserver hkp://keys.s-l-c.biz --search-key
mail@...
gpg: searching for "mail@..." from hkp server keys.s-l-c.biz
(1)     Simon Lange <mail@...>
          2048 bit RSA key BDD503BE, created: 2009-09-04
Keys 1-1 of 1 for "mail@...".  Enter number(s), N)ext, or Q)uit >

works like charme.

via browser? see attachment (screenshot). works too. ;)

recon works too
2014-04-17 01:12:04 Beginning recon as server, client: <ADDR_INET
[162.243.102.241]:59001>
2014-04-17 01:12:04 Joining reconciliation
2014-04-17 01:12:04 Reconciliation complete
2014-04-17 01:12:04 2 hashes recovered from <ADDR_INET
(Continue reading)

David Benfell | 14 Apr 03:31 2014

sks.disunitedstates.com back up

Hi all,

Sorry for the lack of notice. My web server has been down as I worked
to respond to heartbleed. This response ultimately involved a
distribution change: CentOS 6.5 just wasn't cutting it--and now that I
see some things working properly on Fedora 20--seems to have had other
problems besides. But my web server now has double-the-normal-length
SSL keys and perfect forward secrecy.

sks is now back up. If anyone follows my path, please note that the
init scripts that come with Fedora's sks rpm are broken--in an
appallingly stupid and easy to fix way: Buried amongst a ton of
verbiage that you'll get trying to track this down are the
all-important words "Exec format error." If you look at the init
scripts, you'll see that somebody made it pretty by sticking spaces in
the front of every line, including the #!/bin/bash line. You can leave
it mostly pretty, but take out those spaces at the beginning of the
#!/bin/bash line.

I'm now looking at the web interface. Does anyone have a pretty
index.html page they'd be willing to share?

Also, I'm scheduling a keydump for Tuesdays at 0500 (America/Los
Angeles time). My intention is to share this. The time I've selected
is mostly arbitrary; if another time would be better, let me know.

--

-- 
David Benfell <benfell@...>
See https://parts-unknown.org/node/2 if you don't understand the
attachment.
(Continue reading)

Michal Bok | 10 Apr 21:21 2014
Picon

seeking peers for sks.mbk.net.pl


Hi,

I am looking for peers for a new SKS keyserver installation.

I am running SKS version 1.1.4, on sks.mbk.net.pl.
This is my (private) VPS server.
The server is physically located in US (Florida, Jacksonville)
The machine has NO IPv6 connectivity.

I have loaded a keydump from ftp.prato.linux.it, dated 2014-04-09.
I see 3592266 keys loaded.

For operational issues, please contact me directly.

sks.mbk.net.pl 11370 # Micha? Bok <mbk@...> 0x0A7F735A

Thank you,
-Micha? Bok
Kiss Gabor (Bitman | 9 Apr 17:38 2014
Picon

Heartbleed ans HKPS pool

Folks,

Do not forget that all hkps.pool.sks-keyservers.net certificates
should be revoked and replaced after fixing openssl Heartbleed Bug
on vulnerable key servers. (Including mine.)

Gabor

Jeremy T. Bouse | 6 Apr 17:37 2014
Picon

Peering etiquette reminder

    Having just spent about an hour sifting through my recon.log and
trying to track down the number of unauthorized gossip attempts I was
seeing I've stopped. I've already contacted a few that I was able to
identify and instead just figured I'd blanket the list as it seems to be
a wider issue.

    When you're adding peers to your membership file you need to contact
the admin of that peer and let them know! It does you no good to simply
add them to your side.

    The other behavior I've seen is hosts wildly out of date that are
constantly locking up the recon process with large requests for keys. If
you're that far out of date it would be far kinder to the network to
re-aquire a current keydump and get up to date before tying up gossip
peering connections.

    I've ran into both while looking through my logs this morning.

    Having just spent about an hour sifting through my recon.log and
trying to track down the number of unauthorized gossip attempts I was
seeing I've stopped. I've already contacted a few that I was able to
identify and instead just figured I'd blanket the list as it seems to be
a wider issue.

    When you're adding peers to your membership file you need to contact
the admin of that peer and let them know! It does you no good to simply
add them to your side.

(Continue reading)

Christian | 6 Apr 11:19 2014
Picon

SKS Peering


Hello all,

I have removed these Peerings from my SKS Server due to long term
failed status and/or failed cross peerings:

keyserver.cais.rnp.br
keyserver.codinginfinity.com
sks.undergrid.net

I am always welcoming new peerings (Gossip only). If you like drop me
a line, here is my suggested peering line:

sks.alpha-labs.net 11370 # Christian Reiss <email@...>
0x44E29126ABCD43C

Cheers!
-Christian.

--

-- 

 Christian Reiss - email@...       /"\  ASCII Ribbon
                                                  \ /    Campaign
 GPG Key: http://gpg.christian-reiss.de            X   against HTML
 Jabber : chris@...                    / \   in eMails

 "It's better to reign in hell than to serve in heaven.",
                                        John Milton, Paradise lost.
BluKeyserver | 4 Apr 11:46 2014

Peering request for keyserver.blupill.com


Hi,

I'm looking for peers for a fresh SKS keyserver deployment.

I'm running version 1.1.4 on keyserver.blupill.com.
The server is physically located in Amsterdam.

I have loaded keydump from ftp.prato.linux.it, dated 2nd of April 2014.
I see 3585709 keys loaded.

keyserver.blupill.com 11370 # BluKeyserver <keyserver@...>
0xB9865CB5

Thank,
Hosteen Storm [TheBluProject]
Martin Papik | 2 Apr 04:50 2014
Picon

SKS peering request [sks-server.randala.com]

Hi everyone,

I've just configured sks 1.1.1 (default on Ubuntu) on 
sks-server.randala.com. The machine has IPv6 but SKS has not yet been 
assigned an address. I wonder, is there an advantage (e.g. in terms of 
peering)? The server is located in Germany/EU. For now I'm deploying the 
server for R&D as a proxy for my private server (behind my ISPs 
randomized NAT).

You may contact me if you have further questions or for any issues, 
operational or otherwise.

Loaded from: http://keys.niif.hu/keydump/ [2014-03-31? ... köszönöm]
Loaded: 3583821 keys

Line to add to /etc/sks/membership

sks-server.randala.com 11370

Thank you.

Martin


Gmane