PKSD(8)
NAME
pksd - OpenPGP Public Key Server Daemon
SYNOPSIS
pksd FILE
DESCRIPTION
pksd is a daemon which implements the functions of an OpenPGP public
key server. It supports key searches, requests, additions, and
modifications via web and e-mail interfaces.
The server takes a single argument, which is the name of the
configuration file. The format of this file is documented in pksd.conf(5).
The server supports queries via a modified version of HTTP known as HKP
(which allows for queries via web browsers), MRHKP (the machine-readable
HKP format), and an e-mail interface. HKP is implemented by a few
form URIs, which are described in the accompanying design document.
MRHKP has its own design document. The e-mail interface is described in
the pks_help documents.
To control the running daemon, the pksdctl(8) program is used
to send messages to the running server via a Unix domain socket. The
type and syntax of these messages are documented in the pksdctl(8) man
page.
INCREMENTAL MESSAGES
The mail server is also used for incremental distribution of
modifications between peer key servers. When a key server receives an update
(meaning new keys, signatures, revocations, etc.), this update is
forwarded to the servers listed as peers (with the syncsite keyword) in
the pksd.conf(5) file. In order to avoid updates looping forever, the
servers which have processed the update are listed in the message.
To improve performance, when an incremental or add is received, only
the part(s) of that request which are not already part of the key
server database are included in the incremental that is forwarded to
peers. If an incremental or add contains no new data, no incremental
is generated at all.
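
The forwarding rules above, as an added toy model in Python. It is not pksd's own code: the class, field and packet names are hypothetical, and skipping peers already listed in the message is an assumption about how that list is used.

```python
# Toy model of incremental distribution between peer key servers.
# Not pksd code: class, field and packet names are hypothetical.

class KeyServer:
    def __init__(self, name):
        self.name = name
        self.peers = []     # stands in for the syncsite entries in pksd.conf
        self.db = {}        # key id -> set of packets (user IDs, signatures, ...)
        self.received = []  # (processed_by, update) log, for inspection

    def receive(self, update, processed_by=()):
        """Merge an add or incremental; return how many incrementals it caused."""
        self.received.append((tuple(processed_by), update))
        # Keep only the parts not already in the database.
        delta = {}
        for key_id, packets in update.items():
            new = set(packets) - self.db.get(key_id, set())
            if new:
                delta[key_id] = new
        if not delta:
            return 0  # nothing new: no incremental is generated at all
        for key_id, new in delta.items():
            self.db.setdefault(key_id, set()).update(new)
        # List this server in the message, then skip peers already listed
        # (assumption: the page only says processed servers are listed).
        path = tuple(processed_by) + (self.name,)
        sent = 0
        for peer in self.peers:
            if peer.name not in path:
                sent += 1 + peer.receive(delta, path)
        return sent


def build_mesh(names):
    """Fully connected set of peers, the worst case for looping."""
    servers = {n: KeyServer(n) for n in names}
    for s in servers.values():
        s.peers = [p for p in servers.values() if p is not s]
    return servers


if __name__ == "__main__":
    mesh = build_mesh(["a", "b", "c"])
    key = {"0xCONSTRUCTED": {"pubkey", "uid:alice", "sig:self"}}  # constructed sample
    print("first add:", mesh["a"].receive(key), "incrementals sent")
    print("same add again:", mesh["b"].receive(key), "incrementals sent")
    key["0xCONSTRUCTED"].add("sig:bob")
    print("one new signature:", mesh["c"].receive(key), "incrementals sent")
    print("last message to a:", mesh["a"].received[-1])
```

In the full mesh, server c is sent the first update twice: the processed-server list stops any send back to a, and the new-data check stops the duplicate from being forwarded again.
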
DISABLED KEYS
It is not useful to remove a key from the key server database. Keys in
use will likely be sent to a key server again. Keys not in use are best
left on the key server for archival purposes. In the future, someone
might need to verify a signature from such a key, for example. In
order to remove a key from circulation for whatever reason, the key can
be made "disabled". This server uses the disabled flag in the OpenPGP
file format. To prevent this flag from being misused, the disabled
flag is treated as a special case. When a keyring is merged into the
database, the disabled flags are ignored. Disabled keys in the
database cannot be retrieved from the database, but they are returned by
searches.
FILES
pksd.conf
AUTHOR
Marc Horowitz, Massachusetts Institute of Technology
BUGS
Visit the bug tracking system linked from
http://sourceforge.net/projects/pks to view or report bugs.
COPYRIGHT
Copyright (c) 1996, 1997, 1998, 1999, Marc Horowitz. All rights
reserved.
This software doesn't have a warranty, express or implied. See the
LICENSE file in the source distribution for full conditions.
SEE ALSO
pksclient(8), pksd.conf(5), pksdctl(8), pks-intro(8)
17 November 1996 PKSD(8)