gnu-arch-users
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Gnu-arch-users] signing rules


From: Robert Collins
Subject: Re: [Gnu-arch-users] signing rules
Date: Thu, 10 Mar 2005 01:22:13 +1100

On Wed, 2005-03-09 at 09:15 -0500, Adrian Irving-Beer wrote:
> On Wed, Mar 09, 2005 at 12:03:57AM +1100, Robert Collins wrote:
> 
> > I wonder if folk would be kind enough to let me know what signing and
> > check rules they are using?
> 
> On one system, I use 
> 
>       gpg --default-key <key> --clearsign -
>
> because I have more than one main key.

Cool, my upgrade code handles this fine.

> On all other systems (to keep my secret key safe), I use
> 
>       /usr/bin/gpg-client -k <key> workstation.<mydomain>
> 
> where 'workstation' is a CNAME pointing to my machine (in case I ever
> have to move it around).  That's effectively a remote clearsign.

Ah. So this will confuse the current spec - its expecting something it
can call as 
$gpg_command $gpg_options --clearsign
Is gpg-client something that accepts (or will ignore) --clearsign ?

> In all cases, I use a standard check rule:
> 
>       /usr/bin/tla-gpg-check gpg_command="/usr/bin/gpg --verify-files -"

Yah, cool.

Cheers,
Rob

Attachment: signature.asc
Description: This is a digitally signed message part


reply via email to

[Prev in Thread] Current Thread [Next in Thread]