Re: Signing multiple keys

2011-08-27 Thread Nicholas Cole
On Sat, Aug 27, 2011 at 1:03 AM, Doug Barton wrote: > I have a particular concern that if I sign a key with "I checked > carefully" that I really did. Moreover, I have a philosophical prejudice > that if I *can't* say "I checked carefully," why bother? > > That said, I have in the past run across

Re: Multiple Keyrings WAS Signing multiple keys

2011-08-27 Thread Werner Koch
On Sat, 27 Aug 2011 00:46, sand...@crustytoothpaste.net said: > dpkg-source would lose the ability to verify packages before unpacking > them. apt's archive verification would break. That doesn't include Wrong. It uses gpgv which is a verification only tool; it uses a list of trusted keys (i.e

Re: Multiple Keyrings WAS Signing multiple keys

2011-08-26 Thread Doug Barton
[some snippage] On 08/26/2011 14:29, Nicholas Cole wrote: > On Thu, Aug 25, 2011 at 7:21 PM, Doug Barton wrote: >>> BTW, this is another one of the reasons that I find the ability to have >> multiple keyrings useful, and would very much miss that functionality if >> it disappeared from gnupg 2.1.

Re: Signing multiple keys

2011-08-26 Thread Doug Barton
On 08/26/2011 14:56, Nicholas Cole wrote: > On Fri, Aug 26, 2011 at 10:34 PM, Doug Barton wrote: > >> One could certainly argue that my doing this verification step is >> overly fussy (and you wouldn't be the first), but that's my policy. > > I honestly did not mean to be critical. I didn't

Re: Multiple Keyrings WAS Signing multiple keys

2011-08-26 Thread brian m. carlson
On Fri, Aug 26, 2011 at 10:29:04PM +0100, Nicholas Cole wrote: > I *do* see the uses for them. The debian keyring, for example is > huge, and it is useful to be able to selectively include it or not in > the gpg.conf file. But the more I've thought about this, the more I > think that it would b

Re: Signing multiple keys

2011-08-26 Thread Nicholas Cole
On Fri, Aug 26, 2011 at 10:34 PM, Doug Barton wrote: > One could certainly argue that my doing this verification step is > overly fussy (and you wouldn't be the first), but that's my policy. I honestly did not mean to be critical. I was just struggling to see the security benefit. After all

Re: Signing multiple keys

2011-08-26 Thread Doug Barton
On 08/26/2011 14:18, Nicholas Cole wrote: > On Thu, Aug 25, 2011 at 7:21 PM, Doug Barton wrote: >> http://dougbarton.us/PGP/gen_challenges.html > > Dear Doug, > > I don't mean this in a negative way, but I struggle to see the point > of such challenges. So feel free not to use them. :) > The

Re: Multiple Keyrings WAS Signing multiple keys

2011-08-26 Thread Nicholas Cole
On Thu, Aug 25, 2011 at 7:21 PM, Doug Barton wrote: >> BTW, this is another one of the reasons that I find the ability to have > multiple keyrings useful, and would very much miss that functionality if > it disappeared from gnupg 2.1. I know Werner has said all this before, but I sometimes think

Re: Signing multiple keys

2011-08-26 Thread Nicholas Cole
On Thu, Aug 25, 2011 at 7:21 PM, Doug Barton wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA256 > > On 08/25/2011 11:02, Aaron Toponce wrote: >> On 08/25/2011 11:56 AM, Jameson Graef Rollins wrote: >>> Do you want to sign every key in your keyring?  If so, it's not >>> hard to get gpg to e

Re: Signing multiple keys

2011-08-25 Thread Jameson Graef Rollins
On Thu, 25 Aug 2011 11:37:35 -0600, Aaron Toponce wrote: > > caff $FPR1 $FPR2 ... > > Well, if I need to provide each key ID/fingerprint, then I might as well > write a simple loop: > > for KEYID in...; do > gpg --sign $KEYID > gpg --armor --export $KEYID

Re: Signing multiple keys

2011-08-25 Thread MFPA
Hi On Thursday 25 August 2011 at 7:02:52 PM, in , Aaron Toponce wrote: > If I have a public keyring of all the attendees of the > party, then I will want to sign every key in that > keyring. You could have a keyring that purported to be all the

Re: Signing multiple keys

2011-08-25 Thread Remco Rijnders
On Thu, Aug 25, 2011 at 07:35:09PM +0100, MFPA wrote in <531058786.20110825193509@my_localhost>: Hi On Thursday 25 August 2011 at 7:02:52 PM, in , Aaron Toponce wrote: If I have a public keyring of all the attendees of the party, then I will want to sign every key in that keyring. You coul

Re: Signing multiple keys

2011-08-25 Thread Jameson Graef Rollins
On Thu, 25 Aug 2011 12:02:52 -0600, Aaron Toponce wrote: > If I have a public keyring of all the attendees of the party, then I > will want to sign every key in that keyring. This should be very easy to script. See the following options: --keyring FILE --list-public-keys --with-colons and the

Re: Signing multiple keys

2011-08-25 Thread Doug Barton
On 08/25/2011 11:02, Aaron Toponce wrote: > On 08/25/2011 11:56 AM, Jameson Graef Rollins wrote: >> Do you want to sign every key in your keyring? If so, it's not >> hard to get gpg to enumerate all of your keys in a >> machine-parsable format (see

Re: Signing multiple keys

2011-08-25 Thread Remco Rijnders
On Thu, Aug 25, 2011 at 12:02:52PM -0600, Aaron wrote in <4e568e4c.8080...@gmail.com>: On 08/25/2011 11:56 AM, Jameson Graef Rollins wrote: Do you want to sign every key in your keyring? If so, it's not hard to get gpg to enumerate all of your keys in a machine-parsable format (see --with-colon

Re: Signing multiple keys

2011-08-25 Thread Daniel Kahn Gillmor
On 08/25/2011 12:50 PM, Aaron Toponce wrote: > According to the gnupg(1) manpage, I see "--multifile" for encryption, > decryption and verification. Is it possible to use this to sign multiple > keys simultaneously? I don't have any keys to sign, or I would give this > a try (I guess I could manual