Re: [Sks-devel] Kristian is alvie :-)

sks-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Sks-devel] Kristian is alvie :-)

From:	Daniel Kahn Gillmor
Subject:	Re: [Sks-devel] Kristian is alvie :-)
Date:	Fri, 18 Mar 2011 15:22:37 -0400
User-agent:	Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.15) Gecko/20110309 Icedove/3.1.9

On 03/18/2011 02:38 PM, Jonathan Wiltshire wrote:
> On Fri, Mar 18, 2011 at 01:45:52PM -0400, Daniel Kahn Gillmor wrote:
>> Kristian, i would happily offer zimmermann.mayfirst.org as a redundant
>> authoritative DNS server -- we'd just need to coordinate how the pool
>> gets published.
> 
> I suggest DNS slaves would be the simplest way to achieve this. I'm happy
> to offer a London slave. If the master server sends notifies and the slaves
> do a XFER, pool updates can be run with almost no delay for clients.

the DNS slave setup would suffer from a different (and slightly
less-bad, though more difficult to notice when it happens) SPOF, though,
in the form of a primary that fails to run updates on the secondaries.

It seems more failsafe to me If all the nameservers are publishing their
independent view of the keyserver network, but i agree it might be more
expedient to set up XFER, at least initially.

        --dkg

signature.asc
Description: OpenPGP digital signature

[Prev in Thread]

Current Thread

[Next in Thread]

[Sks-devel] Kristian is alvie :-), Sebastian Urbach, 2011/03/18
- Re: [Sks-devel] Kristian is alvie :-), Daniel Kahn Gillmor, 2011/03/18
  - Re: [Sks-devel] Kristian is alvie :-), Jonathan Wiltshire, 2011/03/18
    - Re: [Sks-devel] Kristian is alvie :-), Jonathan Wiltshire, 2011/03/18
    - Re: [Sks-devel] Kristian is alvie :-), Daniel Kahn Gillmor <=

Prev by Date: Re: [Sks-devel] Kristian is alvie :-)
Next by Date: [Sks-devel] Third and last mail from Kristian
Previous by thread: Re: [Sks-devel] Kristian is alvie :-)
Next by thread: [Sks-devel] Hardware Issue / Kristian
Index(es):
- Date
- Thread