Direct signatures

Lachlan Gunn lachlan at
Fri Oct 23 10:58:22 CEST 2015


Is there any way make GNUPG or libgpgme generate a signature from an
externally-computed hash?  My justifications for this are twofold:

1. Isolation---by removing the need for gpg to see the original data, it
becomes possible to perform signatures on a system that is completely
isolated, at least as far as incoming data goes.

2. Process separation---I have ideas involving SELinux that I would like to
experiment with, and doing so requires that tasks be split at the process
level as I understand.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/attachments/20151023/14faa937/attachment.html>

More information about the Gnupg-users mailing list