+++ /dev/null
-onak 0.5.0
-Copyright 2003-2016 Jonathan McDowell
-http://www.earth.li/projectpurple/progs/onak.html
-
-
-Introduction:
-
-onak is an OpenPGP compatible keyserver. It's primary purpose is the
-storage and retrieval of OpenPGP keys but it also has features that make
-use of the stored keys for various other purposes. The most useful of
-these is probably the pathfinder. This takes two keys, a & b, and
-attempts to find a path of trust from a to b in the key database. I
-started work on it because at the time there was no DFSG compliant
-server that supported multiple subkeys and could act as a drop in
-replacement for pksd, which I was running at the time.
-
-
-Installation:
-
-onak has been mainly developed under Linux with a bit of work on FreeBSD
-at times also. It should run on all architectures, but has only been
-tested on i386, AMD64 and PowerPC so far.
-
-Typing "./configure && make" should produce a version of onak with
-support for the DB4 backend. If you want to choose a different backend
-(see below for a discussion about the options) you'll need to pass the
-appropriate option to ./configure.
-
-Once make has completed you'll end up with various binaries:
-
-* onak
- This is the main program. It's intended to be run from the command
- line and allows the addition, deletion and searching of keys in the
- database.
-
-* onak-mail.pl
- The mail processor. Takes incoming mail (usually to
- pgp-public-keys@host) and calls onak to do the necessary work.
- Currently only supports INCREMENTAL mails for syncing with other
- keyservers and INDEX mails from users.
-
-* add, lookup & gpgwww
- The CGI programs. add & lookup are common to all PGP keyservers while
- gpgwww is the pathfinder component of onak. To get a keyserver that
- clients such as GPG can sync with you'll need to put these in a /pks
- directory on a web server running on port 11371. There's an example
- mathopd.conf file provided that I used for testing, but I'm now using
- Apache for the public test rig as it's already present on the host
- running it.
-
-* splitkeys
- Utility to take a keyring and split it up into a bunch of smaller ones.
-
-
-Config:
-
-I've finally added config file support. onak.ini is an example config;
-the main thing to change is the location in the backend section to
-whereever you want to put your database files. The configure script allows
-you to specific where it should live; by default it'll be PREFIX/etc/onak.ini.
-
-
-Backends:
-
-Currently there is support for 6 different database backends:
-
-* file
- The original backend. Very simple and ideal for testing. Stores each
- key as a separate file. Doesn't support searching based on key text.
-
-* pg (PostgreSQL)
- Once the preferred backend. Use onak.sql to create the tables
- necessary to run with this. Unfortunately although suitable for the
- keyserver side it was found to be too slow for running the pathfinder
- with a large number of keys. This may well be due to my use of it - if
- you can help speed it up info would be appreciated.
-
-* db4 (Berkeley libdb4)
- The currently preferred backend. Supports the full range of functions
- like the pg backend but is considerably faster. Also easier to setup
- assuming you have libdb4 installed; there's no need to have an SQL
- database running and configured.
-
-* fs (file backend)
- A fuller featured file based backend. Doesn't need any external
- libraries and supports the full range of operations (such as text and
- subkey searching). Needs a good filesystem to get good performance
- though as it creates many, many files and links.
-
-* hkp
- A proxying backend. No keys are stored locally; all fetch and store
- requests are forwarded to the provided keyserver.
-
-
-Other keyservers:
-
-I'm aware of the following other keyservers. If you know of any more
-please let me know and I'll add them.
-
-* pks
- http://sf.net/projects/pks/
- The prodominant keyserver I believe; what I used to run on
- wwwkeys.uk.pgp.net. Had a spurt of activity a year or two ago, but
- seems to have died off again. The main issue with pks is that it lacks
- support for keys with multiple subkeys bound to them and older
- versions unfortunately mangle them.
-
-* CryptNET Keyserver
- http://www.cryptnet.net/fsp/cks/
- A GPLed server with support for multiple subkeys, but unfortunately
- when I looked at it there was no support for syncing via email which
- means it can't replace a pks server to act as part of pgp.net.
-
-* OpenPKSD
- http://openpksd.org/
- Don't really know a lot about this. Primarily Japanese development
- AFAICT.
-
-* SKS
- http://sks.sourceforge.net/
- A reasonably new keyserver concentrating more on the whole issue of
- syncronization between keyservers. Seems to be gaining in popularity.
-
-
-Contacting the author:
-
-I can be reached via email as noodles@earth.li. I'm usually on IRC on
-OFTC (irc.oftc.net) as Noodles.
-
-All constructive criticism, bugs reports, patches and ideas are welcome.
-
-
-Obtaining later versions:
-
-onak lives at:
-
-http://www.earth.li/projectpurple/progs/onak.html
-
-Development is carried out using git; you can access the repository
-with something like:
-
-git clone git://the.earth.li/onak.git
-
-or it can be browsed via gitweb at:
-
-http://the.earth.li/gitweb/?p=onak.git;a=summary
-
-
-License:
-
-onak is distributed under the GNU Public License version 2, a copy of
-which should have been provided with this archive as LICENSE.
projects / onak.git / blobdiff