New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
I suggest a feature to sign a public key : gpg2 --sign-key name #29
Comments
I might consider adding this, though I can't think of any threat model where allowing automated, likely passwordless, certification of other keys increases security in some substantial manner. Actually, the only "useful" thing (from some peoples' views) that I could foresee being done with this feature would be to use it to spam/poison the Web of Trust with a bunch of fake keys which cross-certify each other. How were you thinking of using it? |
May I just ask for clarity: Is it possible, right now, to sign a key with python-gnupg? |
@isislovecruft we'll need that in @leapcode to roll new keys, when you generate a new key you want to sign it with the previous one. I'm having a look to the code to propose an implementation of key signature for python-gnupg. @muelli as far as I digg in the code it's not implemented anywhere. |
@meskio I'll take patches for this. It's going to be pretty hard to do. By default, |
After some tests I see you are right, this is not going to be easy. Right now I have other priorities and I put that on the back log. I'll come back at some point to try to implemented again. Thanks for the info. |
On gnupg-users, Werner mentions that with GnuPG 2.1 it should be easier to implement. http://www.gossamer-threads.com/lists/gnupg/users/68547 |
Hi,
I suggest a feature to sign a public key :
gpg2 --sign-key name
http://www.gnupg.org/documentation/manuals/gnupg/OpenPGP-Key-Management.html#OpenPGP-Key-Management
Best regards,
Stephane
The text was updated successfully, but these errors were encountered: