Direct signatures

Lachlan Gunn lachlan at twopif.net
Fri Oct 23 10:58:22 CEST 2015


Hello,

Is there any way make GNUPG or libgpgme generate a signature from an
externally-computed hash?  My justifications for this are twofold:

1. Isolation---by removing the need for gpg to see the original data, it
becomes possible to perform signatures on a system that is completely
isolated, at least as far as incoming data goes.

2. Process separation---I have ideas involving SELinux that I would like to
experiment with, and doing so requires that tasks be split at the process
level as I understand.

Thanks,
Lachlan
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/attachments/20151023/14faa937/attachment.html>


More information about the Gnupg-users mailing list