Controlling Group Membership with PGP Keys
Mike Acker
Mike_Acker at charter.net
Tue Mar 22 16:50:14 CET 2011
On 03/22/2011 11:41, Jerome Baum wrote:
> Actually thinking about this, use gpgv and maintain a trusted
> keyring. Sign the keyring with the admin key and mail out updates. Say
> it's called ~/.gnupg-members.gpg, this is the update procedure:
>
> curl -o ~/.gnupg-updated-members-gpg.gpg <URL-of-keyring>
> gpg ~/.gnupg-updated-members-gpg.gpg # it's a signature containing the
> # original, so we get the file for
> # the next step
> # assuming the signature was okay/"good enough"
> mv ~/.gnupg{-updated,}-members.gpg
that idea has a lot of merit: it allows the group administrator to
distribute the access list -- which i what is needed in maintaining
group security. i'll have to experiment.
--
/MIKE
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 292 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20110322/0503bfe2/attachment.pgp>
More information about the Gnupg-users
mailing list