From f2a590522dbfeaf08fd9e744f6b8b975e8fdfd52 Mon Sep 17 00:00:00 2001 From: kink-guest Date: Tue, 28 Feb 2006 17:16:41 +0000 Subject: [PATCH] some caff documentation tweaks: spelling fixes, rearrange README a bit, add suggestion for signing with multiple keys. git-svn-id: svn://svn.debian.org/pgp-tools/trunk@263 b513b33f-fedd-0310-b452-c3deb5f4c849 --- caff/README | 43 ++++++++++++++++++++++++++++--------------- caff/README.many-keys | 2 +- debian/changelog | 4 +++- 3 files changed, 32 insertions(+), 17 deletions(-) diff --git a/caff/README b/caff/README index d750227..d11628a 100644 --- a/caff/README +++ b/caff/README @@ -1,4 +1,5 @@ caff -- CA - fire and forget +============================== caff is a script that helps you in keysigning. It takes a list of keyids on the command line, fetches them from a keyserver and calls @@ -8,7 +9,18 @@ mail, pruned from all but self sigs and sigs done by you. The mailed key is encrypted with itself as a means to verify that key belongs to the recipient. -Features: +Since we do not upload the new signatures, or import them into our +main keyring, the signature only gets public if: + - the email address is valid, and + - the person reading the email can decrypt the mail (if it was sent + encrypted). +Therefore we achieve the same level of security as common Challenge +Response systems like CABot, without all the extra hassle of those +systems. + +FEATURES +-------- + * Easy to setup. * Attaches only the very UID that we send to in the mail. * Prunes the key from all signatures that are not self sigs and @@ -18,29 +30,30 @@ Features: * Creates proper PGP MIME messages. * Uses separate GNUPGHOME for all its operations. -Special Requirements: - * GnuPG 1.3.92 or later. +DEPENDENCIES +------------ -Discussion: + gnupg (>= 1.3.92), perl, libgnupg-interface-perl, + libtext-template-perl, libmime-perl, libmailtools-perl (>= 1.62), + mailx -Since we do not upload the new signatures, or import them into our -main keyring, the signature only gets public if: - - the email address is valid - - the person reading the email can decrypt the mail (if it was sent - encrypted). +INSTALLATION +------------ -Therefore we achieve the same level of security as common Challenge -Repsonse systems like CABot, without all the extra hassle of those -systems. +After creating a ~/.caffrc from the template, caff almost works out of the box. +MULTIPLE SIGNING KEYS +--------------------- -Dependencies: gnupg (>= 1.3.92), perl, libgnupg-interface-perl, libtext-template-perl, libmime-perl, libmailtools-perl (>= 1.62), mailx +Q: I possess multiple keys. How can I use caff to sign each keyid + with both my keys? +A: Try this: + $ caff --no-export-old --no-mail -u + $ caff --no-download --no-export-old -u -INSTALLATION NOTES -After creating a ~/.caffrc from the template, caff almost works out of the box. -- Peter diff --git a/caff/README.many-keys b/caff/README.many-keys index 86dd4f2..1fe8eb1 100644 --- a/caff/README.many-keys +++ b/caff/README.many-keys @@ -2,7 +2,7 @@ Using caff to sign lots of keys ------------------------------- If you have loads of keys to sign (sometimes, there are keysigning parties with -more than 100 participants), keysigning can be arkward, even with caff. It gets +more than 100 participants), keysigning can be awkward, even with caff. It gets worse if you have multiple local keys and want to sign with all. Some hints to get the signing done faster: diff --git a/debian/changelog b/debian/changelog index 7cd9b09..e9fb775 100644 --- a/debian/changelog +++ b/debian/changelog @@ -2,11 +2,13 @@ signing-party (0.4.4-3) unstable; urgency=low [ Thijs Kinkhorst ] * Upgrade debhelper compatibility to the recommended level 5. + * Update FSF addresses. + * caff: tweak documentation. [ Christoph Berg ] * caff: note that mailed keys are encrypted (suggested by Sune Vuorela). - -- Christoph Berg Wed, 15 Feb 2006 10:58:06 +0100 + -- Thijs Kinkhorst Tue, 28 Feb 2006 18:15:32 +0100 signing-party (0.4.4-2) unstable; urgency=low -- 2.30.2