On Tue, 2013-02-19 at 04:09 +0000, Robin H. Johnson wrote: > On Tue, Feb 19, 2013 at 04:36:08PM +1300, Kent Fredric wrote: > > It may be advantageous to have a gentoo wrapper script that calls GPG > > with recommended settings to make some tasks easier, > > > gentoo-gpg-create --recommended > > > EDITOR=vim gentoo-gpg-rotation --recommended --old=DEADBEEF > > and gentoo-gpg-rotation would make a templated key-expiry document , > > edited in $EDITOR, and then cross-signed > The key rotation as described in RiseUp best practices should be a very > rare occurrence. Each dev is going to run it at most once. > > However, both the creation helper and an expiry update helper would be > useful. >
It can be done as part of gkeys from the gentoo-keys project I've started which will be used to manage gpg keys for validating git commits, release media, layman's repositories.xml list, etc... I welcome help in coding it. http://git.overlays.gentoo.org/gitweb/?p=proj/gentoo-keys.git;a=summary http://wiki.gentoo.org/wiki/Project:Gentoo-keys Sadly, I got sidetracked, so haven't gotten much done lately. But am getting back to it again now.
