qemu-devel
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-devel] [ANNOUNCE] Key Signing Party at KVM Forum 2013


From: Gabriel L. Somlo
Subject: Re: [Qemu-devel] [ANNOUNCE] Key Signing Party at KVM Forum 2013
Date: Tue, 12 Nov 2013 10:18:42 -0500
User-agent: Mutt/1.5.21 (2010-09-15)

Peter,

On Tue, Nov 12, 2013 at 02:57:36PM +0000, Peter Maydell wrote:
> Can somebody provide known-good instructions for how to
> sign and return keys? I looked on the web and found four
> different possible ways to do this (most notably, there
> seems to be a split between "just send keys back to
> the keyserver" and "email something to the keyowner"),
> and as usual gpg's UI is hopelessly opaque and confusing :-(

I've pasted my key-signing bash script below. At the (few) key signing
parties I've been to, the idea was "upload to keyserver as a personal
favor to those you already know and like, email signatures encrypted
with the recipient's key to those you've only just met at the party".

Assuming a text file with one key signature per line, the bits that
are commented out were used to import keys and display fingerprints
for comparison with the stuff we had printed on paper and verified at
the party. The uncommented bits will do the signature export,
encryption with the recipient's key, and emailing.

HTH,
--Gabriel

#!/bin/bash

for F in $(cat fingerprints.txt); do
  # receive keys matching ID $F:
  #gpg --recv-keys $F
  # list fingerprint for key matching ID $F:
  #gpg --fingerprint $F
  # sign key matching ID $F:
  #gpg --sign-key $F
  # send signature to recipient matching first uid, encrypted with recipient key
  E=$(gpg --list-key $F | grep ^uid | head -1 | sed 's/.*<\(.*\)>.*/\1/')
  gpg --armor --export $F | gpg --armor --encrypt -r $F | \
    mailx -r address@hidden -s "the signature you requested (by $F)" $E
  echo "sent signature $F $E"
done



reply via email to

[Prev in Thread] Current Thread [Next in Thread]