Overview

OpenKeyServer is an ideal solution for managing a very large keyring in which anybody can store an OpenPGP public key to share it with other people. Through a keyserver, you can retrieve someone else's public key in order to authenticate that person or secure a communication with them. In this respect it acts as a kind of white pages.

Managing such a huge keyring can be difficult with common tools, but because this requirement was taken into account very early in its design, OpenKeyServer has been built to handle huge amounts of data.

A second important point that characterizes the server is its openness. Tomorrow's world cannot be conceived without the interconnection of programs, databases and networks. The server has been split into several parts so that new tools and extensions can be developed easily. For instance, it would be possible to query this server through other well-known protocols like LDAP or services like DNS as soon as their gateways are written. The OpenKeyServer (OKS) can receive direct requests from client-side encryption software like PGP, SafeMail and many others.

System resource management: some administrators will have to manage public keys for a company of a hundred employees, while others will have to manage those of every citizen in their community or area. For this reason, splitting the server into smaller parts allows the administrator to load-balance the traffic and meet the performance level needed.
 

Architecture

The OpenKeyServer is composed of two main parts, each handling specific tasks in the processing of client requests. The main part, the core of the system, is the OKS database server. It is surrounded by the second part, composed of gateways that handle specific protocols in order to interconnect the OKS database server with the outside world.

 

The OKS database server

Responsible for the handling and management of the keyring, this engine processes your database requests and ensures the integrity of your data. It is the core of the system and communicates with the gateways through a proprietary protocol.

 

The OKS HTTP gateway

Sitting in front of the OKS database server, this process handles client requests made via the HTTP protocol. Its task is to translate these requests and transmit them to the OKS database server for processing. When the OKS database server replies, the gateway formats the replies following customizable templates and sends HTML pages to the remote clients. For now, it also synchronizes the keyserver with other keyservers on the Internet.

 
The OKS SMTP gateway

On the same level as the OKS HTTP gateway sits the OKS SMTP gateway, which handles requests made through the SMTP protocol. It works by polling a mailbox stored on a mail server at a specified interval through the POP3 protocol. It then transfers the incoming emails to the OKS database server for processing. When the OKS database server replies, the gateway formats the replies following customizable templates and sends them back to the sender enclosed in an email. It also synchronizes the keyserver with other keyservers on the Internet.