can't work on armoured keyring
Jason Harris
jharris@widomaker.com
Wed Apr 23 00:04:03 2003
--cMwMn/tF35tO7kHm
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
On Tue, Apr 22, 2003 at 08:40:35PM +0200, Michael Nahrath wrote:
> I downloaded a community's keyring from a website. It is ASCII-armored and
> served via http: as 'application/pgpkeys' according to RFC 3156.
>=20
> Unfortunately I get errors whenever I try to work on this keyring without
> importing it. You may try on your own:
> We still would like to provide this keyring in a form that was suitable to
> do WoT-annalysis etc. without further modifications.
Converting it to binary is easy:
%gpg --dearmor <file>=20
and will let GPG use it directly without an --import. To help detect
modification, publish a signature for the binary form of the file.
Also, advise people to make the keyring read-only to prevent modification.
Keeping the file on the website in armored format may mean larger
downloads, but if people keep the original file around but hose
their binary copy then they can just reconstruct the binary file
without doing another download. Or you can just make the files
available via rsync, which works quite nicely for the Debian keyrings.
--=20
Jason Harris | NIC: JH329, PGP: This _is_ PGP-signed, isn't it?
jharris@widomaker.com | web: http://jharris.cjb.net/
--cMwMn/tF35tO7kHm
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (FreeBSD)
iD8DBQE+pbxzSypIl9OdoOMRAnX9AJ99fTz7tGGPP9Clbpjtr7j7PnpyAACgi6xV
y1VxaEQ0x4Taw6Lry4jeV4Y=
=TKRa
-----END PGP SIGNATURE-----
--cMwMn/tF35tO7kHm--