X-Git-Url: https://git.sthu.org/?a=blobdiff_plain;f=caff%2FREADME;h=dc4e0187251cb985ef940c68d3e0070eac7c75a1;hb=305a185e23ca077dd7323245c25af177e6d9bb0a;hp=54bc1f8fc977948f88f0220cd3e9c9ddf47ab653;hpb=799e5b768912d2d3e04e8d7d93f9c70c44843f5a;p=pgp-tools.git

diff --git a/caff/README b/caff/README
index 54bc1f8..dc4e018 100644
--- a/caff/README
+++ b/caff/README
@@ -1,13 +1,26 @@
- caff  --  CA - fire and forget
+caff  --  CA - fire and forget
+==============================
 
 caff is a script that helps you in keysigning.  It takes a list of
 keyids on the command line, fetches them from a keyserver and calls
 GnuPG so that you can sign it.  It then mails each key to all its
 email addresses - only including the one UID that we send to in each
-mail.
+mail, pruned from all but self sigs and sigs done by you.  The mailed
+key is encrypted with itself as a means to verify that key belongs to
+the recipient.
 
+Since we do not upload the new signatures, or import them into our
+main keyring, the signature only gets public if:
+ - the email address is valid, and
+ - the person reading the email can decrypt the mail (if it was sent
+   encrypted).
+Therefore we achieve the same level of security as common Challenge
+Response systems like CABot, without all the extra hassle of those
+systems.
+
+FEATURES
+--------
 
-Features:
  * Easy to setup.
  * Attaches only the very UID that we send to in the mail.
  * Prunes the key from all signatures that are not self sigs and
@@ -17,23 +30,18 @@ Features:
  * Creates proper PGP MIME messages.
  * Uses separate GNUPGHOME for all its operations.
 
-Caveats:
- * Requires a gpg patch for now, until 2 bugs are fixed:
-     http://bugs.debian.org/252917    gnupg: --with-colons and --edit delsigs
-     http://bugs.debian.org/254072    gpg should flush stdout before prompting in --edit
+DEPENDENCIES
+------------
 
-Discussion:
+ gnupg (>= 1.3.92), perl, libgnupg-interface-perl,
+ libtext-template-perl, libmime-perl, libmailtools-perl (>= 1.62),
+ mailx
 
-Since we do not upload the new signatures, or import them into our
-main keyring, the signature only gets public if:
- - the email address is valid
- - the person reading the email can decrypt the mail (if it was sent
-   encrypted).
-
-Therefore we achieve the same level of security as common Challenge
-Repsonse systems like CABot, without all the extra hassle of those
-systems.
+INSTALLATION
+------------
 
+After creating a ~/.caffrc from the template, caff almost works out of the box.
 
 -- 
 Peter
+$Id$