<div dir="ltr">I'm starting to believe that Elasticsearch aggregations will be able to produce equivalent results to a graph search.<br><br><a href="http://blog.qbox.io/elasticsearch-aggregations">http://blog.qbox.io/elasticsearch-aggregations</a><br><br><a href="http://www.elastic.co/guide/en/elasticsearch/reference/1.x/search-aggregations.html">http://www.elastic.co/guide/en/elasticsearch/reference/1.x/search-aggregations.html</a><br><br>But I'm also familiar with cayley.<br><br>Definitely an interesting project for the weekend.<br><div class="gmail_extra"><br clear="all"><div><div class="gmail_signature"><div dir="ltr"><div><div dir="ltr"><div><br></div></div></div></div></div></div><div class="gmail_quote">On Wed, Apr 8, 2015 at 8:19 AM, David Leon Gil <span dir="ltr"><<a href="mailto:coruus@gmail.com" target="_blank">coruus@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex">One suggestion: Post to the IETF OpenPGP mailing list about this, if you haven't. (I think I've posted some similar statistics there a while back.)<br><br>--<br><br>I, personally, found that for simple questions, it was fastest to just scan through a keydump with a C parser. The great virtue of your approach is that it allows asking much more complicated questions!<br><br>(I tried to modify python-pgpdump, fork at <a href="https://github.com/coruus/python-pgpdump" target="_blank">https://github.com/coruus/python-pgpdump</a>, but I've only tested it on a single keydump file.)<br><br>--<br><br>If you are at all familiar with Go, it has both<br><br>- a generally good OpenPGP implementation that can verify signatures, <a href="http://golang.org/x/crypto/openpgp" target="_blank">golang.org/x/crypto/openpgp</a> <br>- and a good graph database, <a href="http://github.com/google/cayley" target="_blank">github.com/google/cayley</a> <br><br>which might make it easier to answer the questions you raise.<br><br>(Sadly, I don't have the time to do anything about this but thank you for making this information easily searchable.)<span class=""><font color="#888888"><br><br>- David</font></span><div class=""><div class="h5"><br><br><div class="gmail_quote">On Tue, Apr 7, 2015 at 6:06 PM Daniel Roesler <<a href="mailto:diafygi@gmail.com" target="_blank">diafygi@gmail.com</a>> wrote:<br><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex">Howdy all,<br>
<br>
I've been running a keyserver in the SKS keyserver pool[1][2] for a<br>
few months (which is what GnuPG uses as its default keyserver), and I<br>
recently began to wonder what cool stats I could find out about all<br>
those keys. Unfortunately, the sks keyserver system is really only<br>
setup for simple searching, which meant I needed to dump the database<br>
to another repo.<br>
<br>
So I wrote a python OpenPGP parser[3] (mostly to learn more about the<br>
OpenPGP format) that converted PGP keys to json, then dumped the keys<br>
into an elasticsearch index[4]. Using json and elasticsearch makes it<br>
pretty easily to make some interesting queries on the keys. I'd love<br>
feedback and people to see what they can find. You can also download<br>
the raw json dump files[5].<br>
<br>
Here's some of my cool stats so far:<br>
<br>
Total keys[6]: 3.9 million<br>
Total keys with pictures[7]: 59k<br>
Total RSA keys[8]: 1.3 million<br>
Total DSA keys[9]: 2.7 million<br>
Total ECDSA keys[10]: 408<br>
Total EdDSA keys[11]: 112<br>
<br>
Here's some questions I'd like to explore (mostly around signature<br>
verification):<br>
<br>
* How many key signatures cannot be verified (i.e. their issuer is not<br>
in the keyserver)?<br>
* How many key signatures are verified?<br>
* How many key signatures are invalid?<br>
* Who has the most faked signature?<br>
* A visualization of the verified signature web clusters?<br>
* A visualization of the invalid signature web clusters?<br>
<br>
I'm brand new to elasticsearch, so I encourage people with actual data<br>
science skills to explore on their own (either with the raw json dump<br>
or the elasticsearch instance). I've provided instructions for how to<br>
recreate the json dump and the elasticsearch repo in a github<br>
repo[12]. The json includes the signature payload data so you can<br>
actually verify signatures (I just haven't done that yet).<br>
<br>
Thoughts? Feedback?<br>
<br>
Thanks!<br>
Daniel Roesler<br>
<a href="mailto:diafygi@gmail.com" target="_blank">diafygi@gmail.com</a><br>
<br>
[1]: <a href="https://sks-keyservers.net/status/" target="_blank">https://sks-keyservers.net/<u></u>status/</a><br>
[2]: https://<a href="http://sks.daylightpirates.org/" target="_blank">http://sks.<u></u>daylightpirates.org/</a><br>
[3]: <a href="https://github.com/diafygi/openpgp-python" target="_blank">https://github.com/diafygi/<u></u>openpgp-python</a><br>
[4]: <a href="https://keyserver-elasticsearch.daylightpirates.org/" target="_blank">https://keyserver-<u></u>elasticsearch.daylightpirates.<u></u>org/</a><br>
[5]: <a href="https://keyserver-elasticsearch.daylightpirates.org/dump/" target="_blank">https://keyserver-<u></u>elasticsearch.daylightpirates.<u></u>org/dump/</a><br>
[6]: <a href="https://keyserver-elasticsearch.daylightpirates.org/keyserver/_count?pretty=1" target="_blank">https://keyserver-<u></u>elasticsearch.daylightpirates.<u></u>org/keyserver/_count?pretty=1</a><br>
[7]: <a href="https://keyserver-elasticsearch.daylightpirates.org/keyserver/_search?q=JPEG&fields=packets.subpackets.encoding&_source_include=key_id,packets.user_id,packets.subpackets.image&pretty=1" target="_blank">https://keyserver-<u></u>elasticsearch.daylightpirates.<u></u>org/keyserver/_search?q=JPEG&<u></u>fields=packets.subpackets.<u></u>encoding&_source_include=key_<u></u>id,packets.user_id,packets.<u></u>subpackets.image&pretty=1</a><br>
[8]: <a href="https://keyserver-elasticsearch.daylightpirates.org/keyserver/_search?q=RSA&fields=algo_name&_source_include=key_id,algo_name&pretty=1" target="_blank">https://keyserver-<u></u>elasticsearch.daylightpirates.<u></u>org/keyserver/_search?q=RSA&<u></u>fields=algo_name&_source_<u></u>include=key_id,algo_name&<u></u>pretty=1</a><br>
[9]: <a href="https://keyserver-elasticsearch.daylightpirates.org/keyserver/_search?q=DSA&fields=algo_name&_source_include=key_id,algo_name&pretty=1" target="_blank">https://keyserver-<u></u>elasticsearch.daylightpirates.<u></u>org/keyserver/_search?q=DSA&<br>
fields=algo_name&_source_<u></u>include=key_id,algo_name&<u></u>pretty=1</a><br>
[10]: <a href="https://keyserver-elasticsearch.daylightpirates.org/keyserver/_search?q=ECDSA&fields=algo_name&_source_include=key_id,algo_name&pretty=1" target="_blank">https://keyserver-<u></u>elasticsearch.daylightpirates.<u></u>org/keyserver/_search?q=ECDSA&<u></u>fields=algo_name&_source_<u></u>include=key_id,algo_name&<u></u>pretty=1</a><br>
[11]: <a href="https://keyserver-elasticsearch.daylightpirates.org/keyserver/_search?q=EdDSA&fields=algo_name&_source_include=key_id,algo_name&pretty=1" target="_blank">https://keyserver-<u></u>elasticsearch.daylightpirates.<u></u>org/keyserver/_search?q=EdDSA&<u></u>fields=algo_name&_source_<u></u>include=key_id,algo_name&<u></u>pretty=1</a><br>
[12]: <a href="https://github.com/diafygi/keyserver-elasticsearch" target="_blank">https://github.com/diafygi/<u></u>keyserver-elasticsearch</a><br>
______________________________<u></u>_________________<br>
Messaging mailing list<br>
<a href="mailto:Messaging@moderncrypto.org" target="_blank">Messaging@moderncrypto.org</a><br>
<a href="https://moderncrypto.org/mailman/listinfo/messaging" target="_blank">https://moderncrypto.org/<u></u>mailman/listinfo/messaging</a><br>
</blockquote></div>
</div></div><br>_______________________________________________<br>
Messaging mailing list<br>
<a href="mailto:Messaging@moderncrypto.org">Messaging@moderncrypto.org</a><br>
<a href="https://moderncrypto.org/mailman/listinfo/messaging" target="_blank">https://moderncrypto.org/mailman/listinfo/messaging</a><br>
<br></blockquote></div><br></div></div>