caff -- CA - fire and forget
+==============================
caff is a script that helps you in keysigning. It takes a list of
keyids on the command line, fetches them from a keyserver and calls
GnuPG so that you can sign it. It then mails each key to all its
email addresses - only including the one UID that we send to in each
-mail.
-
-Features:
- * Easy to setup.
- * Attaches only the very UID that we send to in the mail.
- * Prunes the key from all signatures that are not self sigs and
- not done by you, thereby greatly reducing the size of mails.
- * Sends the mail encrypted if possible, will warn before sending
- unencrypted mail (sign only keys)
- * Creates proper PGP MIME messages.
- * Uses separate GNUPGHOME for all its operations.
-
-Special Requirements:
- * GnuPG 1.3.92 or later.
-
-Discussion:
+mail, pruned from all but self sigs and sigs done by you. The mailed
+key is encrypted with itself as a means to verify that key belongs to
+the recipient.
Since we do not upload the new signatures, or import them into our
main keyring, the signature only gets public if:
- - the email address is valid
+ - the email address is valid, and
- the person reading the email can decrypt the mail (if it was sent
encrypted).
-
Therefore we achieve the same level of security as common Challenge
-Repsonse systems like CABot, without all the extra hassle of those
+Response systems like CABot, without all the extra hassle of those
systems.
+FEATURES
+--------
+ * Easy to setup.
+ * Attaches only the very UID that we send to in the mail.
+ * Prunes the key from all signatures that are not self sigs and
+ not done by you, thereby greatly reducing the size of mails.
+ * Sends the mail encrypted if possible, will warn before sending
+ unencrypted mail (sign only keys)
+ * Creates proper PGP MIME messages.
+ * Uses separate GNUPGHOME for all its operations.
-Dependencies: gnupg (>= 1.3.92), perl, libgnupg-interface-perl, libmime-perl, libmailtools-perl (>= 1.62), mailx
+DEPENDENCIES
+------------
+ gnupg (>= 1.3.92), perl, libgnupg-interface-perl,
+ libtext-template-perl, libmime-perl, libmailtools-perl (>= 1.62),
+ mailx
-INSTALLATION NOTES
+INSTALLATION
+------------
After creating a ~/.caffrc from the template, caff almost works out of the box.
-It has a problem, though: your personal public key is not imported in the caff
-working keyring. Do fix it, do this:
-
-Considering you have this:
-
- $CONFIG{'caffhome'} = $ENV{'HOME'}.'.caff';
-
-Do:
-
- gpg --export <your-key-id> | gpg --import --homedir ~/.caff/gnupghome
-
-This is a workaround for a bug which is already noted in the TODO list.
-
--
Peter
$Id$