Signing decentralized websites
Werner Koch
wk at gnupg.org
Sat Nov 21 18:58:49 CET 2020
On Fri, 20 Nov 2020 19:13, cqcallaw said:
> change the behavior. Is there some implementation issue with running
> multiple gpg signing operations in parallel?
This is all serialized because the gpg-agent does the actual signing.
There is one gpg-agent per GNUPGHOME. Thus the easiest solution for you
is to provide copies of the GNUPGHOME and either set this envvar for
each process or pass --homedir=decicated-homedir-copy. You can't use
links to the same directory because we use lock files. However, it
should be possible to sumlink the private-keys-v1.d sub directories.
> 2) Are there any tools to verify detached signatures in the browser?
> As a user, I'd like my browser to check for a signature file and
Mailvelope comes to mind or you write your own thing using gpgme-json as
the native messaging server. Mailvelope can use gpgme-json.
There is also openpgp.js as a solid Javascript implementation of
OpenPGP.
Shalom-Salam,
Werner
--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 227 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20201121/4a8b5693/attachment.sig>
More information about the Gnupg-users
mailing list