[Freedombox-discuss] Key Report Published

Daniel Kahn Gillmor dkg at fifthhorseman.net
Fri Aug 2 03:52:07 UTC 2013


On 08/01/2013 11:39 PM, Nick Daly wrote:
> Hi folks, I've published the key-report tool.  It reviews your PGP
> key ring and reports on keys that will expire soon.
> 
> https://gitorious.org/key-report
> 
> https://github.com/NickDaly/key-report

cool, i'm glad to see this work happening!  looking at the code, it
seems to be trying to parse the human-readable output of gpg.  that way
lies madness (and failure, esp. when the locale changes).

You probably want to pass gpg the --fixed-list-mode and --with-colons
options and parse the machine-readable data as described in
/usr/share/doc/gnupg/DETAILS.gz

Also: checking for primary key expiration is different from checking for
subkey expiration, and both are different from checking for
certification expiration.  A comprehensive key-report tool might want to
consider all of those possible forms of expiration.   in particular,
key-report should probably highlight pending (or recently-past)
expirations that the user can actually do something about.  (e.g.
expirations of keys that the user controls the secret key material for,
or of certifications issued by the user).

another feature idea: key-report might also want to facilitate the
refresh of soon-to-expire keys from the keyservers.

Thanks for building this tool, Nick!

	--dkg
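
An added example (not part of the original message, and not key-report's own code) of the approach suggested above: parse the colon-delimited records and report primary-key, subkey and certification expirations separately, keeping only those the user can act on. The function name, the `own_keyids` parameter, the 30/14-day windows and the sample listing are assumptions made for illustration; field positions follow the DETAILS file the message cites.

```python
import time

DAY = 86400
KINDS = {"pub": "primary", "sub": "subkey", "sig": "certification"}

def expiring(colons, own_keyids, now=None, soon_days=30, grace_days=14):
    """Return (kind, keyid, primary_keyid, expires) for expirations the user can act on.

    colons: text from `gpg --with-colons --fixed-list-mode --list-sigs`.
    own_keyids: primary key IDs whose secret key the user holds (hypothetical input).
    """
    now = int(time.time()) if now is None else now
    lo, hi = now - grace_days * DAY, now + soon_days * DAY
    primary, found = None, []
    for line in colons.splitlines():
        f = line.split(":")  # safe: gpg escapes ':' inside user IDs as \x3a
        kind = KINDS.get(f[0])
        if kind is None or len(f) < 7:
            continue  # uid, fpr, tru, ... records carry nothing we report here
        if f[0] == "pub":
            primary = f[4]  # following sub/sig records belong to this key
        if not f[6].isdigit():
            continue  # field 7 empty: no expiration (only epoch seconds handled)
        expires = int(f[6])
        # Keys are actionable if we hold the primary; certifications if we issued them.
        actor = f[4] if kind == "certification" else primary
        if actor in own_keyids and lo <= expires <= hi:
            found.append((kind, f[4], primary, expires))
    return found

# Constructed sample listing (not real keys).
SAMPLE = """\
tru::1:1375000000:0:3:1:5
pub:u:4096:1:AAAAAAAAAAAAAAAA:1300000000:1376000000::u:::scESC:
uid:u::::1300000000::0000::Alice Example <alice@example.org>:
sub:u:4096:1:BBBBBBBBBBBBBBBB:1300000000:1375000000:::::e:
pub:f:2048:1:CCCCCCCCCCCCCCCC:1200000000:1376000000::-:::scESC:
uid:f::::1200000000::0000::Carol Example <carol@example.org>:
sig:::1:AAAAAAAAAAAAAAAA:1370000000:1377000000:::Alice Example <alice@example.org>:10x:
sub:f:2048:1:DDDDDDDDDDDDDDDD:1200000000:1375500000:::::e:
"""
NOW = 1375401600  # 2013-08-02 00:00:00 UTC, fixed so the result is reproducible

if __name__ == "__main__":
    for row in expiring(SAMPLE, {"AAAAAAAAAAAAAAAA"}, now=NOW):
        print(*row)
```

Because the parser keys on record type and field position rather than on translated labels, the result does not change with the locale.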
