How to lsign-key from batch ?
Nick Dearnaley
ndearnaley@imerge.co.uk
Fri Mar 2 15:04:02 2001
We're trying to use GnuPG for secure communications between an appliance
and a server on the Internet. In order to do this the appliance needs to
be shipped preloaded with a public key which needs to be signed once the
appliance has generated its own key-pair. I therefore need to be able to
lsign a specific key (after verifying it) from the software itself -
without getting interrupted by "really sign key?" and so on.
Can anyone tell me whether this is possible, and if so hiow to do it?
Thanks.
[FYI, The trust model is as follows:
Key-pair for software release, with public key shipped on appliance.
Key-pair for Internet Server, signed by software release.
Appliance generates own key pair, then if fingerprint for preloaded key
matches one coded into software then sign software release key (also
periodically checks key matches that available from key servers).
This should be reasonably secure.]
--
Nick Dearnaley
Software Team Leader, Imerge Ltd.
-----------------------------------------
ndearnaley@imerge.co.uk
Tel: 01954 783600 Fax: 01954 783601
htpp://www.imerge.co.uk
-----------------------------------------