(Presentation.tex) Add slide on downsides to SKS master
authorKristian Fiskerstrand <kf@sumptuouscapital.com>
Mon, 5 Sep 2016 22:53:37 +0000 (00:53 +0200)
committerKristian Fiskerstrand <kf@sumptuouscapital.com>
Mon, 5 Sep 2016 22:53:37 +0000 (00:53 +0200)
Presentation.tex

index 5173532..befcfc8 100644 (file)
                                \item Curves/Schemes: Ed25519 (EdDSA), Curve25519 (ECDH)
                        \end{itemize}
                \framebreak
+               \item SKS is single-threaded
+               \item Recommendations for setting up SKS is listed on {\tiny\url{https://bitbucket.org/skskeyserver/sks-keyserver/wiki/Peering}}
+               \item These recommendations includes instructions on setting up a reverse proxy
+               \item In particular this avoids DoS due to slow connections
+               \item Additionally some server administers that experience high loads use a load-balanced setup (\ref{sksks:intro})
+               \framebreak
                \item The keyservers in the pool is accessed based on the Horowitz Key Protocol (\textbf{HKP}).
                \item HKP is a layer on top of HTTP defining how to access the keyserver. It was never formally accepted as a standard but the basis is found in {\tiny\url{http://tools.ietf.org/html/draft-shaw-openpgp-hkp-00}}. 
                \item Development since the initial draft is based on community consensus, mainly between GnuPG and SKS as reference implementations.
 \section{sks-keyservers.net}
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 \begin{frame}[allowframebreaks]
+\label{sksks:intro}
 \frametitle{Introduction}
        \begin{itemize}[label={$\rhd$}]
                \item \url{https://sks-keyservers.net} provides a convenient way for end users of OpenPGP to retrieve and update keys from synchronised and responsive HKP keyservers