New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Information for a GPG noob #9
Comments
I think the answer is, your keys are not on a public key server. :) The overall idea of |
Maybe I misunderstand what you mean by server, then. You're not talking about an ‘GPG server’ in the sense of |
@ELLIOTTCABLE that is correct. |
@dominictarr so far, I'm still extremely confused. This is more confusing than Bitcoin! ;) So, if I understand this at all, I need to:
So, all together, very very confusing. Never seen this process used anywhere else, is it some sort of standard format I've just not run into yet? Or is this something pkp-specific (and/or cyphernet-specific)? |
So, you have a car. Now, you want to prove to me that you own the car, i.e. that you control the car keys to that car. here are some approaches you could use:
Maybe they could steal the note from you, when you gave them a lift or something, but you could also include in the node a picture of the car, or the license plate or both. Things that could be verified from the outside with breaking in to the car. Okay. Was that less confusing than bitcoin? This system is basically the same, except cars are users on web apps, and the dashboard is a place only you can write to, but is publicly readable. http://github.com/ELLIOTTCABLE/ is a place that you can write to (because you have the password) |
That makes complete sense. So from that explanation, I don't need a private repository (didn't think that made any sense anyway; but playing newbie's-advocate here) … next question being, exactly what filetype is "a signature?" And what program generates one; and what format does the content take, exactly? (Just the URL it's going to verify?) Related: is there a particular required name for the repository, or for the file? Or some sort of soft standard I should follow? |
hmm, I'm not sure that has been 100% figured out yet. |
oh, nice. there is one here although, it should be it's own module. |
… Hm. So how do SSH keys come into play? Thought this was all about GPG keys. ⁓ ELLIOTTCABLE — fly safe. On Wed, Dec 4, 2013 at 2:13 AM, Dominic Tarr notifications@github.com
|
at the end of the day, it's all the same. ssh uses public/private key pairs, and gpg uses public/private keypairs... problem is that gpg is way to complex to use, and like key signing parties? |
Ah. I misunderstood the project entirely. This isn't to make using Have I got that right? ⁓ ELLIOTTCABLE — fly safe. On Wed, Dec 4, 2013 at 7:09 PM, Dominic Tarr notifications@github.comwrote:
|
yeah, at least to explore the possibilities of a pgp like system that is simpler and more hackable. |
So, I've got an OpenPGP key. That much, I know. I know how to list my keys, and get an identifier for the key I use. I know how to protect my private-keys. But that, is about all I know.
There's nothing in the README or
help.txt
to describe what I should be doing when I first invokepkp
. It asks me for my public-key server IP or URL; and I know neither.How do I find out what public-key server my keys are on?
Once I've figured out a server for my keys, I'm then left wondering which files
pkp
wants, when it asks for my public and private keys. All I, as a noob, know, is that it's created these two files:~/.gnupg/pubring.gpg
and~/.gnupg/secring.gpg
.Are there other files I'm expected to pass? I only get the following errors:
The text was updated successfully, but these errors were encountered: