auto refresh for expired certificates
Gregor Zattler
telegraph at gmx.net
Sun Oct 26 11:47:31 CET 2014
Hi MFPA, gnupg users,
* MFPA <2014-667rhzu3dc-lists-groups at riseup.net> [26. Oct. 2014]:
> Hi
>
>
> On Sunday 26 October 2014 at 7:19:28 AM, in
> <mid:544CA080.5040402 at gmail.com>, NdK wrote:
>
>
>
>> IIRC a tool exists to do that, in a way that makes it hard for keyserver
>> owners to extract "social" metadata (like "these keys are on a single
>> keyring"). Too bad I can't recall its name :(
>
> I remember reading about a tool to refresh the keys on your keyring
> from keyservers, one key at a time at random intervals (and if I
> recall correctly, picking a random keyserver from a list). But I can't
> remember the name either, and I couldn't come up with search terms to
> find it with a search engine.
It's name is parcimonie:
https://gaffer.ptitcanardnoir.org/intrigeri/code/parcimonie/
There is also a reimplementation as a bash shell script:
https://github.com/EtiennePerot/parcimonie.sh
which claims: "Unlike the original Parcimonie, parcimonie.sh
guarantees that each key refresh happens over a unique Tor
circuit even when multiple refreshes happen at the same time. "
Ciao, Gregor
--
-... --- .-. . -.. ..--.. ...-.-
More information about the Gnupg-users
mailing list