Controlling Group Membership with PGP Keys

Mike Acker Mike_Acker at charter.net
Tue Mar 22 16:50:14 CET 2011


On 03/22/2011 11:41, Jerome Baum wrote:
> Actually thinking about this, use gpgv and maintain a trusted
> keyring. Sign the keyring with the admin key and mail out updates. Say
> it's called ~/.gnupg-members.gpg, this is the update procedure:
>
> curl -o ~/.gnupg-updated-members.gpg.gpg <URL-of-keyring>
> gpg ~/.gnupg-updated-members.gpg.gpg  #  it's a signature containing the
>                                       # original, so we get the file for
>                                       # the next step
> # assuming the signature was okay/"good enough"
> mv ~/.gnupg{-updated,}-members.gpg

that idea has a lot of merit: it allows the group administrator to
distribute the access list -- which is what is needed in maintaining
group security.  i'll have to experiment.

-- 
/MIKE
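
The update procedure quoted above, as an added example that is not part of the original thread: it replaces the "assuming the signature was okay" step with a fail-closed check of gpg's `--status-fd` output, so the members keyring is only swapped in when the file carries a good signature from the administrator's key. The function name, `ADMIN_KEYRING` (a keyring holding only the admin public key) and the `ADMIN_FPR` placeholder are assumptions.

```shell
#!/bin/sh
# Added example, not from the original post. Assumed names and paths:
GPG=${GPG:-gpg}
ADMIN_KEYRING=${ADMIN_KEYRING:-$HOME/.gnupg-admin.gpg}  # admin public key only
ADMIN_FPR=${ADMIN_FPR:-0000000000000000000000000000000000000000}  # placeholder
MEMBERS=${MEMBERS:-$HOME/.gnupg-members.gpg}

# update_members SIGNED_FILE
# Returns 0 and replaces $MEMBERS only when SIGNED_FILE has a good signature
# made by ADMIN_FPR; on any other outcome $MEMBERS is left untouched.
update_members() {
    signed=$1
    [ -s "$signed" ] || { echo "no update file: $signed" >&2; return 1; }
    tmp=$(mktemp "$MEMBERS.XXXXXX") || return 1
    rc=0
    # Status lines go to stdout (captured); the signed payload goes to $tmp.
    status=$("$GPG" --batch --yes --no-default-keyring \
                 --keyring "$ADMIN_KEYRING" --status-fd 1 \
                 --output "$tmp" --decrypt "$signed" 2>/dev/null) || rc=$?
    # Require GOODSIG plus a VALIDSIG naming the admin key, either as the
    # signing key (field 3) or as the primary key (last field).
    if [ "$rc" -eq 0 ] && printf '%s\n' "$status" | awk -v f="$ADMIN_FPR" '
            $2 == "GOODSIG" { g = 1 }
            $2 == "VALIDSIG" && ($3 == f || $NF == f) { v = 1 }
            END { exit !(g && v) }'
    then
        mv -f "$tmp" "$MEMBERS"   # same directory, so the rename is atomic
    else
        rm -f "$tmp"
        echo "signature check failed; keeping $MEMBERS" >&2
        return 1
    fi
}
```

After a successful update, signatures from group members can be checked with `gpgv --keyring ~/.gnupg-members.gpg <file>`.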

