Signing decentralized websites
cqcallaw
cqcallaw at brainvitamins.net
Sun Nov 22 02:06:53 CET 2020
‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐
On Saturday, November 21, 2020 9:58 AM, Werner Koch <wk at gnupg.org> wrote:
> On Fri, 20 Nov 2020 19:13, cqcallaw said:
>
> > change the behavior. Is there some implementation issue with running
> > multiple gpg signing operations in parallel?
>
> This is all serialized because the gpg-agent does the actual signing.
> There is one gpg-agent per GNUPGHOME. Thus the easiest solution for you
> is to provide copies of the GNUPGHOME and either set this envvar for
> each process or pass --homedir=decicated-homedir-copy. You can't use
> links to the same directory because we use lock files. However, it
> should be possible to sumlink the private-keys-v1.d sub directories.
>
> > 2. Are there any tools to verify detached signatures in the browser?
> > As a user, I'd like my browser to check for a signature file and
> >
>
> Mailvelope comes to mind or you write your own thing using gpgme-json as
> the native messaging server. Mailvelope can use gpgme-json.
>
> There is also openpgp.js as a solid Javascript implementation of
> OpenPGP.
>
> Shalom-Salam,
>
> Werner
>
> -----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
>
> Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
Many thanks. I've written a Python script (https://github.com/cqcallaw/www/blob/94f0dbb84fa3908acdd698d7b67071bf4f2a723b/sign.py) to handle the parallel signing; I'll look into the browser options shortly.
Cheers,
-Caleb
More information about the Gnupg-users
mailing list