Re: [openpgp] keyserver protocol

John Clizbe <> Wed, 08 May 2013 12:25 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 53F4621F8E98 for <>; Wed, 8 May 2013 05:25:50 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.099
X-Spam-Status: No, score=-1.099 tagged_above=-999 required=5 tests=[AWL=0.900, BAYES_00=-2.599, J_CHICKENPOX_51=0.6]
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id UPJOopHSBWI7 for <>; Wed, 8 May 2013 05:25:44 -0700 (PDT)
Received: from ( []) by (Postfix) with ESMTP id 8FF7121F8E84 for <>; Wed, 8 May 2013 05:25:41 -0700 (PDT)
X-Authority-Analysis: v=2.0 cv=cYNQXw/M c=1 sm=0 a=ulbKWX+3DyaA8G8Ha9A3Bw==:17 a=ehAo5EXnqZIA:10 a=XqBCkJwx3yUA:10 a=05ChyHeVI94A:10 a=M0ekKXdxTI4A:10 a=ayC55rCoAAAA:8 a=48vgC7mUAAAA:8 a=hvCv-v4cZ4kA:10 a=GwUem0DFAAAA:8 a=69wJf7TsAAAA:8 a=jFpR5k_0AAAA:8 a=5ZAm5Rvu49jaItqNxMUA:9 a=QEXdDO2ut3YA:10 a=AoHxI1HT9TUA:10 a=OtjhUDtStarv06SK:21 a=YZSYIv5btM9ZXAsH:21 a=QfKxxUxMAAAA:8 a=UXUmiDrv6FKpzWzVWkcA:9 a=ulbKWX+3DyaA8G8Ha9A3Bw==:117
X-Cloudmark-Score: 0
Received: from [] ([] helo=[]) by (envelope-from <>) (ecelerity r()) with ESMTP id 0B/70-11869-2444A815; Wed, 08 May 2013 12:25:39 +0000
Message-ID: <>
Date: Wed, 08 May 2013 07:25:07 -0500
From: John Clizbe <>
Organization: GingerBear Conspiracy Theories To Go
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:20.0) Gecko/20100101 Firefox/20.0 SeaMonkey/2.17.1
MIME-Version: 1.0
References: <> <> <> <> <>
In-Reply-To: <>
X-Enigmail-Version: 1.5.1
Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="----enig2PQRFTFVVLVPMQMWXALJC"
Subject: Re: [openpgp] keyserver protocol
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Wed, 08 May 2013 12:25:50 -0000

Daniel Kahn Gillmor wrote:
> Thanks for these details, John.  This is exactly the sort of thing that
> i wanted to start getting fleshed out.
> On 05/08/2013 12:02 AM, John Clizbe wrote:
>> Daniel Kahn Gillmor wrote:
>>> 0) "I have no key material matching this name/keyid at all"
>>> 1) "I have too many keys that match this search to bother you with an 
>>> insanely long list"
>> You /must/ mean documenting how those two are already implemented?
> well, this is how they're implemented in SKS, which is the defacto
> reference implementation, for sure.  so yes, documenting this in the
> only public spec of the HKP protocol would be good.

Casey Marshall is well along in his implementation, Hockeypuck, which if I
understood correctly, is implementing HKP with the behavior of SKS. He is
implementing the reconciliation process of SKS as well. He has implemented
them in Go.

>> X-HKP-Results-Count: number of matching keys
> This header (i think you're implying that it is an HTTP response header)
> doesn't seem to be used at all in GnuPG if i'm searching
> git:// properly.
> I know there are other HKP client implementations but (like sks on the
> server side) gnupg is a sort of defacto reference implementation.  If
> it's not making use of this header, then it probably needs to be better
> documented and patches pushed to gpg.

Yes, it's a HTTP header, returned since 1.1.2. See this thread for more
details about why it exists: [Sks-devel] SKS, Content-Length and HEAD requests
[ ]

This may be getting a bit SKS-centric for the OpenPGP list.
John P. Clizbe                      Inet: John (a) Gingerbear DAWT net
SKS/Enigmail/PGP-EKP                  or: John ( @ ) Enigmail DAWT net
FSF Assoc #995 / FSFE Fellow #1797  hkp://  or

Q:"Just how do the residents of Haiku, Hawai'i hold conversations?"
A:"An odd melody / island voices on the winds / surplus of vowels"