On Mon, 15 Feb 2016 at 13:19:55 +0100, Lachlan Gunn wrote:
>> The gzipped tarball format looks really overkill.  How about an OpenPGP
>> keyring (possibly armored)?  No need for caff here, gpg(1) can do this
>> alone:
>> 
>> gpg --export <fingerprints> >/tmp/keyring.gpg
>> 
>> (you could also add ‘--export-options export-minimal’)
> 
> My reason for suggesting a tarball is that it makes it easier to provide
> additional information to the airgapped machine.  For example, the user
> might want to select the UIDs to sign on the internet-connected machine.

Assuming you would do the UID selection in caff I don't think it's
relevant for your use case.  Indeed caff delegates the signing to
gpg(1), the prompt of which lets you select which UID(s) to sign.  So it
doesn't matter whether the original OpenPGP keyring (‘/tmp/keyring.gpg’
in Message #10) contains extra UIDs (or even extra keys) you don't
intend to sign: just tell GnuPG to skip these.

Moreover the OpenPGP keyring containing your signatures
(‘/tmp/signed-keyring.gpg’ in Message #10) might contain extra keys,
extra UIDs, and possibly even extra signatures depending on the
parameters to ‘--export-options’.  But if you don't mind the extra
overhead it doesn't matter, because caff ignores the UIDs you didn't
sign, and cleans and prunes keys before emailing out your sigs.
(Furthermore for each mail it asks whether you want to send it, unless
‘--mail=yes’.)

That being said, I've been thinking about implementing UID
*pre*selection in the gpgparticipants(1) formatted input.  The idea
would be not only to annotate the gpgparticipants(1) list (usually
provided by the KSP organizers) with the keys the user intends to
consider for signing, but for each of these keys, also flag the UIDs
that are to be preselected in the gpg(1) prompt.  (See also #769890.)
The advantage would be to have a more precise gpgparticipants(1) list
describing the signing work after each KSP.  A problem I have with this
method is that gpgparticipants(1) strips out user attributes (eg,
pictures), mostly because the picture itself can't be shown in the plain
text printout; but there are other programs (such as gpgsigs(1))
enhancing the gpgparticipants(1) list and listing pictures.

-- 
Guilhem.

Attachment: signature.asc
Description: PGP signature

Reply via email to