GPL'd OpenPGP Keyserver

V. Alex Brennen vab at cryptnet.net
Mon Feb 19 17:28:07 CET 2001 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi Werner, 

I'm addressing this to your mailing list instead of you directly
because I realize that there may be others out there who are
working on keyservers or other openPGP code which could benefit 
from this topic of discussion.

I'm writing an openPGP (RFC2440) compliant keyserver.  I really
should say "I've written", as I've nearly completed the project.
This is a complete reimplementation in C from scratch based on
RFC2440 which is licensed under the GPL.

The remaining part of the code which I have to write right now is
the code to allow command line programs (like GnuPG) to access the
keyserver from the command line.  

I've made a great number of improvements over Marc's design,
including RDBMS ties to increase speed, better key handling,
socket based syncing with other keyservers (rather than POP
email based), etc...

As part of this new design paradigm, I'd also like to improve the
way in which programs like GnuPG retrieve keys from the keyserver.
In my keyserver design, the primary key in the db schema is the
fingerprint of the key.  Therefor, I plan to support queries from
command line programs by fingerprint, (16) keyid and (8) keyid.
It would be nice to have gpg support use of the fingerprint and
full keyid to retrieve keys.

Please let me know your thoughts on this.

Also, I was playing with the idea of dropping the HTTP protocol
for the socket based communications.  Although I'm leaning 
against this, I'd appreciate and seriously consider feedback.

Finally,  thanks for writing gnupg.  I found the gnupg code 
incredibly easy to read and understand.  I even used some of
it in the keyserver.  It was invaluable.

My project page is:

    http://www.cryptnet.net/fsp/cks/

No source code is posted yet as the keyserver doesn't actually
exist yet, but I hope to make a beta release in the second week
of next month (depending in part on the outcome of this
conversation).

Thanks,

	VAB

- ---
V. Alex Brennen    [vab at cryptnet.net]
  F A R  B E Y O N D  D R I V E N !
 CryptNET: Free Cryptography Project
    [ http://www.cryptnet.net/ ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.4 (GNU/Linux)
Comment: Made with pgp4pine 1.75-6

iD8DBQE6kUsZ+pIJc5kqSz8RAgI0AJ9d/jP1sJNa4JauxyNrWt+IHGIzDQCggQ/0
9TjdNEkeUAaZtL32pdRXPvI=
=4LjZ
-----END PGP SIGNATURE-----

More information about the Gnupg-devel mailing list