Manual Reference Pages - PKSD (8)
pksd - OpenPGP Public Key Server Daemon
pksd is a daemon which implements the functions of an OpenPGP public key
server. It supports key searches, requests, additions, and modifications via
web and e-mail interfaces.
The server takes a single argument, which is the name of the
configuration file. The format of this file is documented in
The server supports queries via a modified version of HTTP known as HKP
(which allows for queries via web browsers), MRHKP (the machine-readable HKP
format), and an e-mail interface. HKP is implemented by a few form URIs
which are described in the accompanying design document. MRHKP has its own
design document. The e-mail interface is described in the pks_help documents.
In order to control the running daemon, the pksdctl(8) program
is used to send messages to the running server via a unix domain
socket. The type and syntax of these messages is documented in the
pksdctl(8) man page.
The mail server is also used for incremental distribution of
modifications between peer key servers. When a key server receives an
update (meaning new keys, signatures, revocations, etc.), this update
is forwarded to the servers listed as peers (with the syncsite
keyword) in the pksd.conf(5) file. In order to avoid updates
looping forever, the servers which have processed the update are
listed in the message.
To improve performance, when an incremental or add is received, only
the part(s) of that request which are not already part of the key server
database are included. If an incremental or add contains no new data,
no incremental is generated at all.
It is not useful to remove a key from the key server database. Keys in
use will likely be sent to a key server again. Keys not in use are best
left on the key server for archival purposes. In the future, someone
might need to verify a signature from such a key, for example.
In order to remove a key from circulation for whatever reason, the key
can be made "disabled". This server uses the disabled flag in the OpenPGP
file format. To prevent this flag from being misused, the disabled flag is
treated as a special case. When a keyring is merged into the database,
the disabled flags are ignored. Disabled keys in the database cannot be
retrieved from the database, but they are returned by searches.
Marc Horowitz, Massachusetts Institute of Technology
Visit the bug tracking system linked from http://sourceforge.net/projects/pks
to view or report bugs.
Copyright (c) 1996, 1997, 1998, 1999, Marc Horowitz. All rights reserved.
This software doesnt have a warranty, express or implied. See the LICENSE file
in the source distribution for full conditions.
pksclient(8), pksd.conf(5), pksdctl(8), pks-intro(8)
|--> ||PKSD (8) ||17 November 1996 |
Visit the GSP FreeBSD Man Page Interface.
Output converted with manServer 1.07.