[Sks-devel] [Announcement] SKS 1.1.6 Released

[Daniel Kahn Gillmor]

On Sun 2016-08-07 10:40:08 -0400, Kristian Fiskerstrand wrote:

> We are pleased to announce the availability of a new stable SKS
> release:  Version 1.1.6.

great, thanks!

> Note when upgrading from earlier versions of SKS
> ====================
> The default values for pagesize settings changed in SKS 1.1.4. To
> continue using an existing DB from earlier versions without rebuilding,
> explicit settings have to be added to the sksconf file.
> pagesize:       4
> ptree_pagesize: 1

it's not clear to me what this means: are these settings that should be
added to sksconf if they weren't already there and you're using an
existing database without rebuilding?

what if those variables are already set in the sksconf file but they
have different values?

what if they weren't set, sks was upgraded, and the database wasn't
rebuilt?  what sort of failures should server operators expect?

> Getting the Software
> ====================
> SKS can be downloaded from
> https://bitbucket.org/skskeyserver/sks-keyserver

https://bitbucket.org/skskeyserver/sks-keyserver/downloads

has some very strange text in it:

          <tr class="iterable-item" id="download-1023182">
            <td class="name"><a class="execute" href="
                    /skskeyserver/sks-keyserver/downloads/sks-1.1.6.tgz">sks-1.1.6.tgz</a>
            </td>

Is there a reason for the newline and leading whitespace?  That causes
debian/watch to fail to discover the new tarball.


> A check should also be made that the key is signed by
> trustworthy other keys;
>
>     gpg --list-sigs 0x41259773973A612A

This doesn't actually validate the retrieved signatures, fwiw.  you
probably want --check-sigs instead of --list-sigs.

Regards,

        --dkg
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 948 bytes
Desc: not available
URL: </pipermail/attachments/20160808/b5c190b1/attachment.sig>