What works for me is: $ sudo yum | apt-get install hash-slinger $ openpgpkey --fetch [email protected]
:) Sent from my iPhone > On Feb 20, 2015, at 16:34, Viktor Dukhovni <[email protected]> wrote: > > On Fri, Feb 20, 2015 at 07:03:04PM -0500, James Cloos wrote: > >>>>>>> "WK" == Warren Kumari <[email protected]> writes: >> >> WK> Also, a cute trick: dig type61 $(echo -n pwouters| sha224sum | sed "s/ >> WK> ..$//")._openpgpkey.fedoraproject.org |grep TYPE61 | sed >> WK> "s/^.*TYPE61.*\\\#[0-9]* //" | grep -v ";" | sed "s/ //g" | xxd -r -p >> WK> | gpg --import --dry-run >> >> FWIW, that does not work here. > > What works for me is: > > $ dig +short -t type61 $( > printf "%s._openpgpkey.fedoraproject.org" $( > printf "%s" pwouters | > openssl dgst -sha224 -binary | > hexdump -ve '/1 "%02x"' > ) > ) | > perl -ane ' > ($escape_sharp, $len) = splice(@F, 0, 2); > next if ($escape_sharp ne q{\#}); > ($rdata = join("", @F)) =~ s/(..)/chr(hex($1))/eg; > next if (length($rdata) != $len); > print $rdata; > last; > ' | > gpg --import --dry-run --verbose > gpg: pub 4096R/E0FD94D2 2014-12-11 Paul Wouters <[email protected]> > gpg: using classic trust model > gpg: key E0FD94D2: public key "[User ID not found]" imported > gpg: Total number processed: 1 > gpg: imported: 1 (RSA: 1) > > Of course this ignores the DNSSEC validation status. A better > approach is to do it all in Perl with Net::DNS and either trusted > (AD-bit) local resolver, or DNSSEC validation support in Net::DNS. > > Python with the getdns api is another attractive option. > > -- > Viktor. > > _______________________________________________ > dane mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/dane _______________________________________________ dane mailing list [email protected] https://www.ietf.org/mailman/listinfo/dane
