Service/keys: Difference between revisions
Sascha silbe (talk | contribs) →Description: update link to SKS homepage |
Sascha silbe (talk | contribs) →Description: update link to SKS |
||
| Line 1: | Line 1: | ||
== Description == | == Description == | ||
keys.sugarlabs.org is an OpenPGP [http://en.wikipedia.org/wiki/Key_server_(cryptographic) key server] powered by the [ | keys.sugarlabs.org is an OpenPGP [http://en.wikipedia.org/wiki/Key_server_(cryptographic) key server] powered by the [https://bitbucket.org/yminsky/sks-keyserver SKS] keyserver software. | ||
We use [http://www.monkeysphere.info Monkeysphere] to allow users to [http://web.monkeysphere.info/doc/service-authentication-ssh/ authenticate our SSH host keys] using their PGP web of trust. Future plans include [http://web.monkeysphere.info/doc/ssh-user-authentication managing user keys] (authorized_keys) as well. Monkeysphere regularly searches for and fetches (potential) [http://tools.ietf.org/html/rfc4880 OpenPGP] keys for all users to check for new and/or revoked keys, which causes some load on keyservers. In order not to annoy operators of (other) public keyservers, we run our own. As a nice side effect we contribute back to the OpenPGP community by being [http://sks-keyservers.net/status/info/keys.sugarlabs.org part of] the [http://sks-keyservers.net/overview-of-pools.php SKS keyserver pool], similar to what we do for [[Service/time|NTP]]. | We use [http://www.monkeysphere.info Monkeysphere] to allow users to [http://web.monkeysphere.info/doc/service-authentication-ssh/ authenticate our SSH host keys] using their PGP web of trust. Future plans include [http://web.monkeysphere.info/doc/ssh-user-authentication managing user keys] (authorized_keys) as well. Monkeysphere regularly searches for and fetches (potential) [http://tools.ietf.org/html/rfc4880 OpenPGP] keys for all users to check for new and/or revoked keys, which causes some load on keyservers. In order not to annoy operators of (other) public keyservers, we run our own. As a nice side effect we contribute back to the OpenPGP community by being [http://sks-keyservers.net/status/info/keys.sugarlabs.org part of] the [http://sks-keyservers.net/overview-of-pools.php SKS keyserver pool], similar to what we do for [[Service/time|NTP]]. | ||