On 03/09/2014 11:30 AM, Sean Swehla wrote: > I've signed all the keys that I verified at the meeting last week, and > I've received a few signatures already. Is there any standard for for > sending out the signed keys? > > Of the three I've received so far, I've had one uploaded to the > keyservers, one uploaded and a signed confirmation emailed, and one > encrypted and emailed to each UID but not uploaded. > > Also, do you recommend any good tools? `gpg` is fine for uploading, as > is Enigmail, it seems. The emails I've received look like they're either > auto-generated or tedious to construct. is there something that will > email a signed key to it's owner?
The ones you got emailed were from me via caff.
From the man page:
CA Fire and Forget is a script that helps you in keysigning. It
takes a list of keyids on the command line, fetches them from a
keyserver and calls GnuPG so that you can
sign it. It then mails each key to all its email addresses -
only including the one UID that we send to in each mail, pruned from all
but self sigs and sigs done by you.
The mailed key is encrypted with itself as a means to verify that
key belongs to the recipient.
sudo apt-get install signing-party
caff key-id key-id key-id key-id ....
(follow prompts, the rest of it walks you through the process).
-Sean
--
Sean Dague
http://dague.net
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Mid-Hudson Valley Linux Users Group http://mhvlug.org https://mhvlug.org/cgi-bin/mailman/listinfo/mhvlug Upcoming Meetings (6pm - 8pm) Vassar College Apr 2 - Nginx: High-Performance HTTP Server, Reverse Proxy, and IMAP/POP3 Proxy Server May 7 - Google App Engine Jun 4 - Samba: Can We All Just Get Along?
