Overview

SKS is an OpenPGP keyserver whose goal is to provide easy to deploy, decentralized, and highly reliable synchronization. That means that a key submitted to one SKS server will quickly be distributed to all key servers, and even wildly out-of-date servers, or servers that experience spotty connectivity, can fully synchronize with rest of the system. You can see SKS in action here:

• http://minsky.surfnet.nl
• http://keyserver.fabbionne.net

And there are many more. Go here to see the members of a pool of sks keyservers.

The foundation of SKS is an efficient algorithm for reconciling remote data sets. That algorithm is described in the following papers:

• Set Reconciliation with Nearly Optimal Communication Complexity
• Practical Set Reconciliation

You can find the (somewhat limited) documentation here.

Features

• Highly efficient and reliable reconciliation algorithm
• Follows RFC2440 and RFC2440bis carefully --- unlike PKS, SKS supports new and old style packets, photoID packets, multiple subkeys, and pretty much everything allowed by the RFCs.
• Fully compatible with PKS system --- can both send and receive syncs from PKS servers, ensuring seamless connectivity.
• Simple configuration: each host just needs a (partial) list of the other participating key servers. Gossip is used to distribute information without putting a heavy load an any one host.
• Supports HKP/web-based querying, and machine readable indices

The design of SKS is deliberately simple. The server consists of two single-threaded processes. The first, sks db, fulfills the normal jobs associated with a public key server, such as answering web requests. The only special functionality of sks db is that it keeps a log summarizing the changes to the key database. sks recon does all the work with respect to reconciling hosts databases. sks recon keeps track of specialized summary information about the database, and can use that information to efficiently determine the differences between its database and that of another host.