-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Wed, 18 Apr 2007, Anthony Carrico wrote:
When Paul and I were doing the impromptu demo last night, I'm not sure
if I made one important thing 100% clear:
The signature dialog will display the fingerprint of the key you are
about to sign. MAKE SURE THE FINGERPRINT MATCHES THE ONE YOU VERIFIED
ON YOUR WORKSHEET.
And, as promised, I've updated my script for doing the signing and
sending of keys to use Anthony's method of keeping the keys being signed out
of the primary keyring. I've also made it a little friendlier and more
self-explanatory. There's only so much I can do there because the GPG edit
UI is so atrocious, though.
You give this script the ID of the key you want to sign and the
email you want to send the signed key to, and it'll handle all the shuffling
of keyrings and sending of email automatically. You have to do some of the
middle bit manually (see above about GPG edit UI), but it now at least
explains what you're supposed to do there. It'll ask for your passphrase
twice - once to sign the key, and once to sign the outgoing email. (I
promise that it isn't logging it and sending it to me. You can check the
source if you don't trust that assurance.) If you mess something up, just
tell it not to send the email, and it'll abort with no permanent effects.
The script can be found at:
http://www.ci-n.com/~jcampbel/gpguidsign
http://aerin.ci-n.com:8080/~jcampbel/gpguidsign
GPG signature for it at:
http://www.ci-n.com/~jcampbel/gpguidsign.asc
http://aerin.ci-n.com:8080/~jcampbel/gpguidsign.asc
- --
John Campbell
[EMAIL PROTECTED]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFGJnJlPu/PJk2ePZ0RAqcqAJ9nfjX82GClPzO9pTfMPS+VMc2z/ACfQuV/
GPcQqoSNuDBEKFVldKQIBjI=
=01lK
-----END PGP SIGNATURE-----
