summaryrefslogtreecommitdiff
path: root/doc/zimmermann
diff options
context:
space:
mode:
Diffstat (limited to 'doc/zimmermann')
-rw-r--r--doc/zimmermann/changelog49
-rw-r--r--doc/zimmermann/https-proxy14
-rw-r--r--doc/zimmermann/index.html73
3 files changed, 136 insertions, 0 deletions
diff --git a/doc/zimmermann/changelog b/doc/zimmermann/changelog
new file mode 100644
index 0000000..8dedf58
--- /dev/null
+++ b/doc/zimmermann/changelog
@@ -0,0 +1,49 @@
+******************************************************************************
+* *
+* zimmermann system log *
+* *
+******************************************************************************
+* Please add new entries in reverse chronological order whenever you make *
+* changes to this system (first command at top, last at bottom) *
+******************************************************************************
+
+2008-11-29 - dkg
+ * zimmermann now uses an X.509 certificate signed by the MF/PL CA
+ for its HTTPS connection.
+
+2008-11-19 - dkg
+ * added 10 SKS peers as a result of feedback from sks-devel.
+ * set localtime to America/New_York via dpkg-reconfigure tzdata
+ * aptitude update && aptitude full-upgrade
+ * set up /var/lib/sks/www/index.html based on
+ doc/zimmermann/index.html from this repo.
+ * made nginx proxy plain ol' HTTP on port 80 also so that SKS does
+ not need to try to listen on a privileged port.
+ * turned on initial_stat and stat_hour: 3 in /etc/sks/sksconf
+
+2008-11-19 - mlc
+ * aptitude install nginx
+ * get rid of /etc/nginx/sites-enabled/default
+ * create /etc/nginx/sites-available/https-proxy and make a symlink
+ to it in the sites-enabled directory
+ * invoke-rc.d nginx start
+
+2008-11-17 - micah
+ * verified the SHA256 values for the key material
+ * /usr/lib/sks/sks_build.sh (chose option #2: normalbuild)
+ * chown -R debian-sks:debian-sks /var/lib/sks
+ * edit /etc/default/sks to enable the initscript
+ * /etc/init.d/sks start
+ * rm -rf /var/lib/sks/dump
+
+2008-11-15 - micah
+ * aptitude update && aptitude full-upgrade
+ * aptitude install sks
+ * cd /var/lib/sks/dump ; wget -q -r -np -nd -A bz2,SHA256,asc \
+ http://nynex.net/keydump/ -e robots=off
+ * install monkeysphere 0.21-2 package
+ * apt-get install bzip2 ; bunzip2 /var/lib/sks/dump/*.bz2
+
+2008-11-15 - jamie
+ * aptitude install esmtp-run mailx
+ * edited /etc/esmtp-run, configured to relay to bulk.mayfirst.org
diff --git a/doc/zimmermann/https-proxy b/doc/zimmermann/https-proxy
new file mode 100644
index 0000000..c4521a7
--- /dev/null
+++ b/doc/zimmermann/https-proxy
@@ -0,0 +1,14 @@
+server {
+ listen 443;
+ server_name zimmermann.mayfirst.org;
+ ssl on;
+ ssl_certificate /etc/ssl/certs/ssl-cert-snakeoil.pem;
+ ssl_certificate_key /etc/ssl/private/ssl-cert-snakeoil.key;
+ ssl_ciphers HIGH:MEDIUM:!ADH;
+
+ access_log off;
+
+ location / {
+ proxy_pass http://localhost:11371/;
+ }
+}
diff --git a/doc/zimmermann/index.html b/doc/zimmermann/index.html
new file mode 100644
index 0000000..e8e36e0
--- /dev/null
+++ b/doc/zimmermann/index.html
@@ -0,0 +1,73 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
+<html>
+ <head>
+ <title>SKS Search Page</title>
+ <meta http-equiv="content-type" content="text/html; charset="utf-8">
+ <meta name="author" content="Yaron M. Minsky/Jack Cummings/Daniel Kahn Gillmor">
+ </head>
+ <body text="#000000" bgcolor="#ffffff" link="#000099" vlink="#990099" alink="#000099">
+ <h1><a href="http://www.nongnu.org/sks/">SKS OpenPGP Keyserver</a> <br> @zimmermann.mayfirst.org</h1>
+ <p> SKS is a OpenPGP keyserver whose goal is to provide easy to deploy, decentralized, and highly reliable synchronization. That means that a key submitted to one SKS server will quickly be distributed to all key servers, and even wildly out-of-date servers, or servers that experience spotty connectivity, can fully synchronize with rest of the system. </p>
+ <p>You can find out more about SKS, along with links to graphs of the network status <a href="http://www.nongnu.org/sks/">here</a>.</p>
+ <table cellpadding="2" cellspacing="2" border="1" width="600" bgcolor="#ddddff">
+ <tr>
+ <td valign="top">
+ <h3>Extract a key</h3>
+ <p>You can extract a key by typing in some words that appear in the userid
+ of the key you're looking for, or by typing in the keyid in hex format ("0x...")</p>
+ <p>
+ <form action="/pks/lookup" method="get">
+ Search String: <input name="search" size="40"> <br>
+ Show PGP "fingerprints" for keys
+ <input type="checkbox" name="fingerprint"> <br>
+ Show SKS full-key hashes
+ <input type="checkbox" name="hash"> <br>
+ Search for keys: <br>
+ <input type="radio" name="op" value="index" CHECKED> get index of matching keys <br>
+ <input type="radio" name="op" value="vindex"> get verbose index of matching keys <br>
+ <input type="radio" name="op" value="get"> retrieve ascii-armored keys <br>
+ <input type="radio" name="op" value="hget"> retrieve keys by full-key hash
+ <br>
+ <input type="reset" value="Reset">
+ <input type="submit">
+ </form>
+ <br>
+ </td>
+ </tr>
+ <tr>
+ <td valign="top">
+ <h3>Submit a key</h3>
+ You can submit a key by simply pasting in the ASCII-armored version
+ of your key and clicking on submit.
+ <form action="/pks/add" method="post">
+ <textarea name="keytext" rows="20" cols="66"></textarea> <br>
+ <input type="reset" value="Reset">
+ <input type="submit" value="Submit this key to the keyserver!">
+ </form>
+ </td>
+ </tr>
+ <tr>
+ <td>
+ <h3>
+ Access
+ </h3>
+ To use this server directly via HKP add this to your .PGP keyserver list:<br>
+
+<pre>x-hkp://zimmermann.mayfirst.org
+http://zimmermann.mayfirst.org:11371</pre>
+
+ You can also select a random server by adding this to your keyserver list:<br>
+
+<pre>x-hkp://pool.sks-keyservers.net
+http://pool.sks-keyservers.net:11371</pre>
+
+ </td>
+ </tr>
+ </tbody>
+ </table>
+
+<hr>
+ [<a href="/pks/lookup?op=stats">Server Status</a>] If you have any questions
+ about or problems with this server, please <a href="https://support.mayfirst.org/newticket?summary=zimmermann.mayfirst.org%20trouble">open a ticket</a>.
+ </body>
+</html>