|
From: | John A Meinel |
Subject: | Re: [Gnu-arch-users] signing rules |
Date: | Tue, 08 Mar 2005 09:01:29 -0600 |
User-agent: | Mozilla Thunderbird 1.0 (Windows/20041206) |
Robert Collins wrote:
I wonder if folk would be kind enough to let me know what signing and check rules they are using? I'm implementing a prototype of http://wiki.gnuarch.org/moin.cgi/SigningRules - and knowing what \=default.check and archive specific check rules are in use, will let me provide auto-conversion code for the common case users. So - please let me know what you use - and if someone else has already said they use the same rule, still let me know :). Rob
In general, I'm using "gpg --clearsign --use-agent" for my signing rule, and for checking
gpg-check.awk gpg_command="gpg --verify-files - 2>/dev/null"With the gpg-check.awk script that was in tlacontrib, or something like that. I can't find it right now, I always just copy it from machine to machine.
I do wish that by default when setting up a mirror, tla would default to copying the signature. Rather than having to manually create the ~/.arch-params/signing/${ARCHIVE}-MIRROR file.
On win32 there is no gpg-agent, so I'm playing around with a simple auth agent. It's not nearly as nice as gpg-agent, just something to remember my password while I'm logged in. It's moderately secure in my case, where there is a single login at a time (authentication is binding to a local port), but in a more multi-user env you would want something better. I just never figured out how to implement a user permissioned communication port like UNIX sockets on windows.
John =:->
signature.asc
Description: OpenPGP digital signature
[Prev in Thread] | Current Thread | [Next in Thread] |