wiki:KeySigning
Last modified 12 months ago Last modified on 12/08/16 09:49:19

GnuPG Key-Signing Tools

GPG Challenge

gpg-challenge.pl is a script to send challenge emails for a challenge-response method of verifying UIDs on OpenPGP keys. It finds all UIDs that are valid and have not already been signed by the user for the key IDs given on the command-line, and generates email bodies containing some random data. These are passed onto the Mutt email client, where they should be signed, encrypted and sent to the signee. The signee should then reply to the email, keeping the random data intact.

gpg-challenge.pl is based on code that Ingo Klöcker posted (archive at marc.info) to the gnupg-users mailing list.

Download

To get the latest version, checkout keysigning/ from the Subversion repository:

svn co http://svn.bleah.co.uk/repos/misc/keysigning/ 

or, simply download it from from http://svn.bleah.co.uk/repos/misc/keysigning/gpg-challenge.pl http://qwikfix.co.uk/sky-customer-services/

Usage

gpg-challenge.pl KEYID...

Reporting Bugs

To submit bugs or feature requests please create a ticket with component set to "Keysigning".

Licence

The GnuPG Key-Signing Tools are free software; you can redistribute it and/or modify it under the terms of either version 2 or version 3 of the GNU General Public License as published by the Free Software Foundation.

The GnuPG Key-Signing Tools are distributed in the hope that they will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANT ABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

Note about GPG Challenge

The original script allows version 2 or later of the GPL in the permission text, which means you should be able to distribute the original under the terms of future versions of the GPL. I have explicitly chosen (as per the permission text: "either version 2 of the License, or (at your option) any later version") to apply only version 2 and version 3 of the GPL to the script. Future versions of the GPL may be added as I understand them.

A slightly modified (to remove the original author's details from the configuration) version of the original is available in revision 36 of the repository.