(NB: "xxx" is either "local" or "remote")
A secondary nuked database is used to store backups of keys for nyms which have been nuked or deleted using the administrative lode server. These keys do not appear in the main database.
parameter | value |
---|---|
@zkfr_PubkeyDB[_Nuked]_Xxx@ | /freedom/etc/db/pubkeydb[-nuked].xxx.conf |
@zkfr_PubkeyDB[_Nuked]_Server@ | pkdb.test.freedom.net:51132 [51133] |
@zkfr_PubkeyDB[_Nuked]_AuthKey@ | --- |
With the exception of a duplicate record corresponding to an entity's
current key, the database consists of a single record for each public
key. The entries are uniquely identified by the tuple <key-version,
key-type, key-owner>, where key-type refers to signing or encryption
and the key-owner corresponds to the ent
field of the key.
To ask for the current key, key-version is set to 0.
The public key database datum is the public key data, in the format described above, with a little extra information. This is the entity who signs the entry and their signature. The signature is over the entire datum. Cryption keys are signed by that same entity's signing key, while signature keys are signed by the entity's parent in the key hierarchy.