Hi,

We have three servers H -> M -> L with high, medium, and low security.

The private signature key is known to H only and must never leave H. Artifacts that must be signed are produced on M which is capable of calculating hashes (e.g. SHA-256 hashes). H has the ability to read these hashes but cannot access the artifacts. The artifacts are then being transported to L where they are considered valid if there is also a valid signature for them. H is expected to push the respective signatures to L.

The question is: Is it possible to gpg-sign a file given its hash only?

--
Thanks in advance,
Alex
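One layout that fits the constraints described in the message above, added here as an example and not part of the original post: M writes a manifest of SHA-256 hashes, H signs that manifest instead of the artifacts, and L accepts an artifact only if the manifest signature verifies and the artifact's hash matches its manifest entry. The function names, the `SIGNING_KEY` and `H_KEYRING` variables, and the manifest layout are assumptions made for this sketch.

```shell
#!/bin/sh
# Added example, not from the original post. All names are hypothetical.

# On M: record the SHA-256 of each artifact in a manifest (sha256sum format).
# Assumes artifact names without whitespace.
make_manifest() {        # usage: make_manifest <manifest> <artifact>...
    manifest=$1; shift
    sha256sum -- "$@" > "$manifest"
}

# On H: sign the manifest only; the artifacts themselves never reach H.
# SIGNING_KEY is a placeholder for the id of the private key held on H.
sign_manifest() {        # usage: sign_manifest <manifest>
    gpg --batch --yes --local-user "${SIGNING_KEY:?set SIGNING_KEY}" \
        --armor --detach-sign --output "$1.asc" "$1"
}

# On L, step 1: the manifest must carry a valid signature made by H's key.
# H_KEYRING is assumed to be a binary keyring (gpg --export) that holds
# only H's public key, so a signature from any other key is rejected.
verify_manifest_sig() {  # usage: verify_manifest_sig <manifest>
    gpgv --keyring "${H_KEYRING:?set H_KEYRING}" "$1.asc" "$1"
}

# On L, step 2: the artifact must be listed in the signed manifest and its
# recomputed hash must match. Returns 2 if the artifact is not listed.
check_artifact() {       # usage: check_artifact <manifest> <artifact>
    line=$(awk -v f="$2" '$2 == f || $2 == "*" f' "$1")
    [ -n "$line" ] || return 2
    printf '%s\n' "$line" | sha256sum -c - >/dev/null 2>&1
}

# On L: accept only when both steps succeed, signature first.
accept_artifact() {      # usage: accept_artifact <manifest> <artifact>
    verify_manifest_sig "$1" && check_artifact "$1" "$2"
}
```

The signature covers the manifest, so the manifest and its `.asc` file must both be pushed to L, and L has to run both steps: a valid signature alone says nothing about an artifact that is not listed or whose hash differs.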
