rearrange README a bit, add suggestion for signing
with multiple keys.
git-svn-id: svn://svn.debian.org/pgp-tools/trunk@263
b513b33f-fedd-0310-b452-
c3deb5f4c849
caff -- CA - fire and forget
caff -- CA - fire and forget
+==============================
caff is a script that helps you in keysigning. It takes a list of
keyids on the command line, fetches them from a keyserver and calls
caff is a script that helps you in keysigning. It takes a list of
keyids on the command line, fetches them from a keyserver and calls
key is encrypted with itself as a means to verify that key belongs to
the recipient.
key is encrypted with itself as a means to verify that key belongs to
the recipient.
+Since we do not upload the new signatures, or import them into our
+main keyring, the signature only gets public if:
+ - the email address is valid, and
+ - the person reading the email can decrypt the mail (if it was sent
+ encrypted).
+Therefore we achieve the same level of security as common Challenge
+Response systems like CABot, without all the extra hassle of those
+systems.
+
+FEATURES
+--------
+
* Easy to setup.
* Attaches only the very UID that we send to in the mail.
* Prunes the key from all signatures that are not self sigs and
* Easy to setup.
* Attaches only the very UID that we send to in the mail.
* Prunes the key from all signatures that are not self sigs and
* Creates proper PGP MIME messages.
* Uses separate GNUPGHOME for all its operations.
* Creates proper PGP MIME messages.
* Uses separate GNUPGHOME for all its operations.
-Special Requirements:
- * GnuPG 1.3.92 or later.
+DEPENDENCIES
+------------
+ gnupg (>= 1.3.92), perl, libgnupg-interface-perl,
+ libtext-template-perl, libmime-perl, libmailtools-perl (>= 1.62),
+ mailx
-Since we do not upload the new signatures, or import them into our
-main keyring, the signature only gets public if:
- - the email address is valid
- - the person reading the email can decrypt the mail (if it was sent
- encrypted).
+INSTALLATION
+------------
-Therefore we achieve the same level of security as common Challenge
-Repsonse systems like CABot, without all the extra hassle of those
-systems.
+After creating a ~/.caffrc from the template, caff almost works out of the box.
+MULTIPLE SIGNING KEYS
+---------------------
-Dependencies: gnupg (>= 1.3.92), perl, libgnupg-interface-perl, libtext-template-perl, libmime-perl, libmailtools-perl (>= 1.62), mailx
+Q: I possess multiple keys. How can I use caff to sign each keyid
+ with both my keys?
+A: Try this:
+ $ caff --no-export-old --no-mail -u <mykey1> <keyids to sign>
+ $ caff --no-download --no-export-old -u <mykey2> <keyids to sign>
-After creating a ~/.caffrc from the template, caff almost works out of the box.
-------------------------------
If you have loads of keys to sign (sometimes, there are keysigning parties with
-------------------------------
If you have loads of keys to sign (sometimes, there are keysigning parties with
-more than 100 participants), keysigning can be arkward, even with caff. It gets
+more than 100 participants), keysigning can be awkward, even with caff. It gets
worse if you have multiple local keys and want to sign with all.
Some hints to get the signing done faster:
worse if you have multiple local keys and want to sign with all.
Some hints to get the signing done faster:
[ Thijs Kinkhorst ]
* Upgrade debhelper compatibility to the recommended level 5.
[ Thijs Kinkhorst ]
* Upgrade debhelper compatibility to the recommended level 5.
+ * Update FSF addresses.
+ * caff: tweak documentation.
[ Christoph Berg ]
* caff: note that mailed keys are encrypted (suggested by Sune Vuorela).
[ Christoph Berg ]
* caff: note that mailed keys are encrypted (suggested by Sune Vuorela).
- -- Christoph Berg <myon@debian.org> Wed, 15 Feb 2006 10:58:06 +0100
+ -- Thijs Kinkhorst <kink@squirrelmail.org> Tue, 28 Feb 2006 18:15:32 +0100
signing-party (0.4.4-2) unstable; urgency=low
signing-party (0.4.4-2) unstable; urgency=low