[Announcement] SKS 1.1.6 Released

Kristian Fiskerstrand kristian.fiskerstrand at sumptuouscapital.com
Sun Aug 7 16:40:08 CEST 2016

Hello lists,

We are pleased to announce the availability of a new stable SKS
release:  Version 1.1.6.

SKS is an OpenPGP keyserver whose goal is to provide easy to deploy,
decentralized, and highly reliable synchronization. That means that a
key submitted to one SKS server will quickly be distributed to all key
servers, and even wildly out-of-date servers, or servers that experience
spotty connectivity, can fully synchronize with rest of the system.

What's New in 1.1.6
  - Add support for Elliptic Curve keys based on Curve25519 (both
    Ed25519/EdDSA and encryption keys based on these curves)
  - Fix format of md5sum file by adding a 2nd space to be format
  - Improvements to sks build stack space requirements
  - Misc updates and fixes to web interface and typical config file

Note when upgrading from earlier versions of SKS
The default values for pagesize settings changed in SKS 1.1.4. To
continue using an existing DB from earlier versions without rebuilding,
explicit settings have to be added to the sksconf file.
pagesize:       4
ptree_pagesize: 1

Getting the Software
SKS can be downloaded from

There are a few prerequisites to building this code. You need:
* ocaml-4.0 or later. Get it from
* Berkeley DB version 4.6.* or later, whereby 4.8 or later is recommended.
  You can find the appropriate versions at

* GNU Make and a C compiler (e.g gcc)

Verifying the integrity of the download
Releases of SKS are signed using the SKS Keyserver Signing Key
available on public keyservers with the KeyID

and has a fingerprint of

    C90E F143 0B3A C0DF D00E 6EA5 4125 9773 973A 612A.
Using GnuPG, verification can be accomplished by, first, retrieving the
key using

    gpg --keyserver pool.sks-keyservers.net --recv-key 0x41259773973A612A
followed by verifying that you have the correct key

    gpg --keyid-format long --fingerprint 0x41259773973A612A

should produce:

    pub   4096R/41259773973A612A 2012-06-27
    Key fingerprint = C90E F143 0B3A C0DF D00E 6EA5 4125 9773 973A 612A
A check should also be made that the key is signed by
trustworthy other keys;

    gpg --list-sigs 0x41259773973A612A

and the fingerprint should be verified through other trustworthy sources.
Once you are certain that you have the correct key downloaded, you can
a local signature, in order to remember that you have verified the key.

     gpg --lsign-key 0x41259773973A612A

Finally; verifying the downloaded file can be done using

    gpg --keyid-format long --verify sks-x.y.z.tgz.asc

The resulting output should be similar to
    gpg: Signature made Wed Jun 27 12:52:39 2012 CEST
    gpg:                using RSA key 41259773973A612A
    gpg: Good signature from "SKS Keyserver Signing Key"

We have to thank all the people who helped with this release, by
discussions on the mailing list, submitting patches, or opening issues
for items that needed our attention.

Happy Hacking,

  The SKS Team (Yaron, John, Kristian, Phil, and the other contributors)

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 455 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20160807/a31eb527/attachment.sig>

More information about the Gnupg-users mailing list