]> git.sthu.org Git - pgp-tools.git/blob - caff/README
caff: Fix a bug with checking if we have exactly one or more keys that failed downloa...
[pgp-tools.git] / caff / README
1 caff -- CA - fire and forget
2 ==============================
3
4 caff is a script that helps you in keysigning. It takes a list of
5 keyids on the command line, fetches them from a keyserver and calls
6 GnuPG so that you can sign it. It then mails each key to all its
7 email addresses - only including the one UID that we send to in each
8 mail, pruned from all but self sigs and sigs done by you. The mailed
9 key is encrypted with itself as a means to verify that key belongs to
10 the recipient.
11
12 Since we do not upload the new signatures, or import them into our
13 main keyring, the signature only gets public if:
14 - the email address is valid, and
15 - the person reading the email can decrypt the mail (if it was sent
16 encrypted).
17 Therefore we achieve the same level of security as common Challenge
18 Response systems like CABot, without all the extra hassle of those
19 systems.
20
21 FEATURES
22 --------
23
24 * Easy to setup.
25 * Attaches only the very UID that we send to in the mail.
26 * Prunes the key from all signatures that are not self sigs and
27 not done by you, thereby greatly reducing the size of mails.
28 * Sends the mail encrypted if possible, will warn before sending
29 unencrypted mail (sign only keys)
30 * Creates proper PGP MIME messages.
31 * Uses separate GNUPGHOME for all its operations.
32
33 DEPENDENCIES
34 ------------
35
36 gnupg (>= 1.3.92), perl, libgnupg-interface-perl,
37 libtext-template-perl, libmime-perl, libmailtools-perl (>= 1.62),
38 mailx
39
40 INSTALLATION
41 ------------
42
43 After creating a ~/.caffrc from the template, caff almost works out of the box.
44
45 --
46 Peter
47 $Id$