msva should avoid recursive (runaway) queries
There is one circumstance where the msva might legitimately want to always avoid incurring a keyserver lookup:
When the msva itself is connecting to an hkps keyserver, and using monkeysphere to validate the keyserver's own certificate. (This might be relevant for #2016 (closed)).
here are three ways i could imagine addressing this:
A) allow the client to say "please do not make a keyserver fetch for this request" -- we could add a new field to the JSON request data: @keyserverpolicy@, which would override MSVA_KEYSERVER_POLICY for this specific request.
B) We could also have the MSVA itself somehow keep track of when it made a keyserver query, to avoid a runaway -- though this itself might fail if there were two instances of MSVAs chattering to each other somehow (an MSVA loop!)
C) have something like a hop count in the MSVA request, which would be incremented at each lookup.
Of the above options, I lean toward A. Any other suggestions? opinions?
(from redmine: created on 2010-10-13, closed on 2010-10-15)