[pkg-gnupg-maint] Convenient access to Debian keyrings
Sean Whitton
spwhitton at spwhitton.name
Sat Apr 1 22:40:17 UTC 2017
Hello,
I'd like to ask for tips and ideas to make more convenient use of the
keyrings installed by the debian-keyring package.
Currently, I have mutt pass `--keyring /usr/share/keyrings/...` for each
of the keyrings, so that I can verify signatures on e-mails. It would
be more natural to just add `keyring /usr/share/keyrings/...` to
~/.gnupg/gpg.conf, but when I tried this I often got errors from gpg
trying to write to the keyrings in /usr/share/keyrings. Is there some
way to mark a keyring as read-only?
Another issue is that I'd like to mark the keys in the Debian keyrings
as trusted. The default way of using PGP requires quite short trust
paths in order to consider a key trusted, but since our keyring is
curated, it is much less important for there to exist a short trust path
between my key and a DD's key -- if it's in the keyring, I have very
good reason to believe it really belongs to the person named in the
UID. Is there some way to mark a whole keyring as trusted?
Thanks!
--
Sean Whitton
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-gnupg-maint/attachments/20170401/6b70d8b2/attachment.sig>
More information about the pkg-gnupg-maint
mailing list