Discussion:
[Sks-devel] Changes to requirements for the HKPS pool
Kristian Fiskerstrand
2018-07-03 10:51:34 UTC
Permalink
Although the requirements to get included in the HKPS pool have so far
been a bit subjective and changing over time as I've gotten more
experience (and balancing out the requirements for the pool - it is not
the point for me that every server that requests it gets included).

However, going forwards I'm going to request additional information
about the server hardware (already requesting info on line capacity for
SRV pool purposes) for inclusion in HKPS. In particular I'm giving
preference to clustered setups (in my experience 3 nodes is minimum
requirement for a most stable setup to allow gossipping), and servers
that do caching on the reverse proxy. Additionally low-CPU/low-memory
setups will not be permitted into the HKPS pool.
--
----------------------------
Kristian Fiskerstrand
Blog: https://blog.sumptuouscapital.com
Twitter: @krifisk
----------------------------
Public OpenPGP keyblock at hkp://pool.sks-keyservers.net
fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3
----------------------------
"If you choose to sail upon the seas of banking, build your bank as you
would your boat, with the strength to sail safely through any storm."
(Jacob Safra (1891–1963))
Kristian Fiskerstrand
2018-07-03 11:16:33 UTC
Permalink
Post by Kristian Fiskerstrand
Although the requirements to get included in the HKPS pool have so far
been a bit subjective and changing over time as I've gotten more
experience (and balancing out the requirements for the pool - it is not
the point for me that every server that requests it gets included).
However, going forwards I'm going to request additional information
about the server hardware (already requesting info on line capacity for
SRV pool purposes) for inclusion in HKPS. In particular I'm giving
preference to clustered setups (in my experience 3 nodes is minimum
requirement for a most stable setup to allow gossipping), and servers
that do caching on the reverse proxy. Additionally low-CPU/low-memory
setups will not be permitted into the HKPS pool.
Following up on this, those that have submitted CSRs and not gotten
signed cert back are asked to re-send it with the additional info
provided above (for clarity; as metadata not in the csr).
--
----------------------------
Kristian Fiskerstrand
Blog: https://blog.sumptuouscapital.com
Twitter: @krifisk
----------------------------
Public OpenPGP keyblock at hkp://pool.sks-keyservers.net
fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3
----------------------------
"Those who don't know history are destined to repeat it."
(Edmund Burke)
Kristian Fiskerstrand
2018-09-19 21:14:03 UTC
Permalink
Post by Kristian Fiskerstrand
However, going forwards I'm going to request additional information
about the server hardware (already requesting info on line capacity for
SRV pool purposes) for inclusion in HKPS. In particular I'm giving
preference to clustered setups (in my experience 3 nodes is minimum
requirement for a most stable setup to allow gossipping), and servers
that do caching on the reverse proxy. Additionally low-CPU/low-memory
setups will not be permitted into the HKPS pool.
the HKPS pool is now fully served by clustered setups only, hopefully
this results in a better user experience for users of the network.
--
----------------------------
Kristian Fiskerstrand
Blog: https://blog.sumptuouscapital.com
Twitter: @krifisk
----------------------------
Public OpenPGP keyblock at hkp://pool.sks-keyservers.net
fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3
----------------------------
"There is no urge so great as for one man to edit another man's work."
(Mark Twain)
Loading...