Re: [RFC] Authenticate push via PGP signature, not SSH

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Wed, Jan 30, 2008 at 08:50:33AM +0000, Sam Vilain wrote:
> Shawn O. Pearce wrote:
> > I just read the GnuPG manual and you are obviously correct.  The only
> > way to get GnuPG to process a key is to load it onto a keyring.
> > We could extract the armored (or binary) public key and load it
> > onto a temporary keyring created just for the purpose of verifying
> > this connection, but that's rather messy.
> 
> It should be fine just to throw the lot into a single keyring, and just
> check which key verified it after the fact and whether that key was allowed.
> 
> The Perl Crypt::OpenPGP module doesn't suffer from this problem (and is
> performant), though it suffers from a dependency stack that will hurt
> everyone except Debian users ;-).

  Actually, if it's engineered like libgpgme (gpg made easy) is, well,
it basically wraps calls to gpg, a thing that we can do ourselves easily
usually :)

  And here is the tool I mentioned in my other mail and forgot to give
an url to: http://kitenet.net/~joey/code/jetring/
-- 
·O·  Pierre Habouzit
··O                                                madcoder@xxxxxxxxxx
OOO                                                http://www.madism.org

Attachment: pgp8Whg6955m2.pgp
Description: PGP signature


[Index of Archives]     [Linux Kernel Development]     [Gcc Help]     [IETF Annouce]     [DCCP]     [Netdev]     [Networking]     [Security]     [V4L]     [Bugtraq]     [Yosemite]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux SCSI]     [Fedora Users]

  Powered by Linux