Robert Collins wrote:
I wonder if folk would be kind enough to let me know what signing and check rules they are using?
I'm implementing a prototype of http://wiki.gnuarch.org/moin.cgi/SigningRules - and knowing what \=default.check and archive specific check rules are in use, will let me provide auto-conversion code for the common case users.
So - please let me know what you use - and if someone else has already said they use the same rule, still let me know :).
Rob
In general, I'm using "gpg --clearsign --use-agent" for my signing rule, and for checking
gpg-check.awk gpg_command="gpg --verify-files - 2>/dev/null"
With the gpg-check.awk script that was in tlacontrib, or something like that. I can't find it right now, I always just copy it from machine to machine.
I do wish that by default when setting up a mirror, tla would default to copying the signature. Rather than having to manually create the ~/.arch-params/signing/${ARCHIVE}-MIRROR file.
On win32 there is no gpg-agent, so I'm playing around with a simple auth agent. It's not nearly as nice as gpg-agent, just something to remember my password while I'm logged in. It's moderately secure in my case, where there is a single login at a time (authentication is binding to a local port), but in a more multi-user env you would want something better. I just never figured out how to implement a user permissioned communication port like UNIX sockets on windows.
John =:->
signature.asc
Description: OpenPGP digital signature_______________________________________________ Gnu-arch-users mailing list [email protected] http://lists.gnu.org/mailman/listinfo/gnu-arch-users GNU arch home page: http://savannah.gnu.org/projects/gnu-arch/
