Skip to content
Snippets Groups Projects
  • Patrick Cloke's avatar
    5e024a06
    Modify StoreKeyFetcher to read from server_keys_json. (#15417) · 5e024a06
    Patrick Cloke authored
    Before this change:
    
    * `PerspectivesKeyFetcher` and `ServerKeyFetcher` write to `server_keys_json`.
    * `PerspectivesKeyFetcher` also writes to `server_signature_keys`.
    * `StoreKeyFetcher` reads from `server_signature_keys`.
    
    After this change:
    
    * `PerspectivesKeyFetcher` and `ServerKeyFetcher` write to `server_keys_json`.
    * `PerspectivesKeyFetcher` also writes to `server_signature_keys`.
    * `StoreKeyFetcher` reads from `server_keys_json`.
    
    This results in `StoreKeyFetcher` now using the results from `ServerKeyFetcher`
    in addition to those from `PerspectivesKeyFetcher`, i.e. keys which are directly
    fetched from a server will now be pulled from the database instead of refetched.
    
    An additional minor change is included to avoid creating a `PerspectivesKeyFetcher`
    (and checking it) if no `trusted_key_servers` are configured.
    
    The overall impact of this should be better usage of cached results:
    
    * If a server has no trusted key servers configured then it should reduce how often keys
      are fetched.
    * if a server's trusted key server does not have a requested server's keys cached then it
      should reduce how often keys are directly fetched.
    Modify StoreKeyFetcher to read from server_keys_json. (#15417)
    Patrick Cloke authored
    Before this change:
    
    * `PerspectivesKeyFetcher` and `ServerKeyFetcher` write to `server_keys_json`.
    * `PerspectivesKeyFetcher` also writes to `server_signature_keys`.
    * `StoreKeyFetcher` reads from `server_signature_keys`.
    
    After this change:
    
    * `PerspectivesKeyFetcher` and `ServerKeyFetcher` write to `server_keys_json`.
    * `PerspectivesKeyFetcher` also writes to `server_signature_keys`.
    * `StoreKeyFetcher` reads from `server_keys_json`.
    
    This results in `StoreKeyFetcher` now using the results from `ServerKeyFetcher`
    in addition to those from `PerspectivesKeyFetcher`, i.e. keys which are directly
    fetched from a server will now be pulled from the database instead of refetched.
    
    An additional minor change is included to avoid creating a `PerspectivesKeyFetcher`
    (and checking it) if no `trusted_key_servers` are configured.
    
    The overall impact of this should be better usage of cached results:
    
    * If a server has no trusted key servers configured then it should reduce how often keys
      are fetched.
    * if a server's trusted key server does not have a requested server's keys cached then it
      should reduce how often keys are directly fetched.