[gnutls-dev] OpenPGP Keys
twoaday at gmx.net
Thu Apr 19 20:37:48 CEST 2007
Simon Josefsson wrote:
> I'm thinking that the trustdb file will be the GnuTLS-specific
> trustdb, and thus OpenCDK can depend on the trust information in that
> file. Wouldn't that work?
That would work.
> Thus, it would be a bad idea to run a server with your personal
> ~/.gnupg/trustdb.gpg, and you would rather create a separate
> trustdb.gpg for the GnuTLS server.
This is also my opinion. Plus the trustdb.gpg file has a non-public
format and can change any time. This time it was a workaround but
> what we are doing, or?) so if it is possible to have a text file with
> OpenPGP key identifiers in it that the server should trust, that seems
> like a better choice. Is there any other information in the trustdb
> that GnuTLS/OpenCDK needs?
Yes, a text file is possible and probably easier to parse than binary
files. And no other information is needed. I probably need to read the
newest OpenPGP GnuTLS draft to find out what the requirements are.
More information about the Gnutls-devel