Request for Patience and Cooperation

Rocke Verser (
Thu, 22 May 1997 11:20:01 -0600



As you probably know, the keyserver was unavailable for about 1.5 hours
Wednesday morning/early afternoon.

The reason for the outage was a user "testing" some buggy code against
the production keyserver.

And "yes", I'm rather ticked-off about it!

I have never claimed the keyserver was bullet-proof. Maybe it should
be more robust, considering it's only handling about 1/4 million
requests per day, and only doling out around 300,000,000,000,000
keys per day.

You wouldn't believe the onslaught of strange and bogus data that
comes to the keyserver. The keyserver manages to deal with most of it
successfully. But neither the keyserver nor my ISP are bullet-proof.

If you support the DESCHALL effort, *please* do not test your code
against the production (3.5 billion key/second) keyserver!

Prior to the outage, I urged the person who took down DESCHALL to ask
for advice on the mailing list. Here is an excerpt of his response.
[This e-mail was received about 1.5 hours before the outage, while I
was sleeping.]

> Even if you don't have experience with firewalls, I do, and it is a
> specialty of mine. The easiest way for me would have been to integrate
> the tunneling code directly into your code. Since you won't let me do
> that, I will have to write my own tunnel.

We lost approximately one Pentium-year worth of keys.

I have no reason to suspect this person intended harm to the project.
But his refusal to ask for advice from those who had gone before *did*
cost the project a bunch of keys.

Should I post his IP address, so you can send him 1 ping per lost key?
[Very tempting! :) ]

Should I ban his site from contacting the keyserver?

With some 10,000 computers contacting the keyserver daily, I just don't
have time to deal with every loose cannon.

Justin, Matt, Andrew, Darrell, and others know how picky I am about
testing new clients or gateways against the production keyserver.
They can tell you how painstaking and time-consuming is the QA
process for a new client.

The whole DESCHALL development team is dedicating a lot of time and
energy to this project. And I know it can be frustrating to not have
a client for your platform or not be able to get through your firewall.

But as we take time out to deal with the loose cannons, there is less
time available to provide general solutions (and new clients) that will
benefit everybody.

By the way, adding more developers isn't a solution. This project is
not unlike "The Mythical Man-Month" by Brooks. And I'm just about at
my capacity for managing the project.

We have a lot of ideas for making faster clients, and keeping the clients
busy when the keyserver is inaccessible. But we're just going to have
to stop dealing with the side-issues and the loose cannons if you ever
want to see these nifty new developments. :-)

Cheers! And thanks for all of your support!

- -- Rocke

Version: 2.6.2