can't work on armoured keyring

Jason Harris
Wed Apr 23 00:04:03 2003

Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Tue, Apr 22, 2003 at 08:40:35PM +0200, Michael Nahrath wrote:
> I downloaded a community's keyring from a website. It is ASCII-armored and
> served via http: as 'application/pgpkeys' according to RFC 3156.
> Unfortunately I get errors whenever I try to work on this keyring without
> importing it. You may try on your own:

> We still would like to provide this keyring in a form that was suitable to
> do WoT-annalysis etc. without further modifications.

Converting it to binary is easy:

  %gpg --dearmor <file>=20

and will let GPG use it directly without an --import.  To help detect
modification, publish a signature for the binary form of the file.
Also, advise people to make the keyring read-only to prevent modification.

Keeping the file on the website in armored format may mean larger
downloads, but if people keep the original file around but hose
their binary copy then they can just reconstruct the binary file
without doing another download.  Or you can just make the files
available via rsync, which works quite nicely for the Debian keyrings.

Jason Harris          | NIC:  JH329, PGP:  This _is_ PGP-signed, isn't it? | web:

Content-Type: application/pgp-signature
Content-Disposition: inline

Version: GnuPG v1.2.1 (FreeBSD)