GnuPG Key-Signing Tools

GPG Challenge

gpg-challenge.pl​ is a script to send challenge emails for a challenge-response method of verifying UIDs on OpenPGP keys. It finds all UIDs that are valid and have not already been signed by the user for the key IDs given on the command-line, and generates email bodies containing some random data. These are passed onto ​the Mutt email client, where they should be signed, encrypted and sent to the signee. The signee should then reply to the email, keeping the random data intact.

gpg-challenge.pl is based on code that Ingo Klöcker ​posted (​archive at marc.info) to the ​gnupg-users mailing list.

Download

To get the latest version, checkout keysigning/ from the ​Subversion repository:

svn co http://svn.bleah.co.uk/repos/misc/keysigning/

or, simply download it from from ​http://svn.bleah.co.uk/repos/misc/keysigning/gpg-challenge.pl

Usage

gpg-challenge.pl KEYID...

Reporting Bugs

To submit bugs or feature requests please create a ticket with component set to "Keysigning".

• Active Tickets
• Closed Tickets
• All Tickets
• Un-assigned Active Tickets

License

The GnuPG Key-Signing Tools are free software; you can redistribute them and/or modify them under the terms of version 2 of the ​GNU General Public License as published by the ​Free Software Foundation.

The GnuPG Key-Signing Tools are distributed in the hope that they will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the ​GNU General Public License for more details.

Note about GPG Challenge

The original script allowed version 2 or later of the GPL, while my own additions are licensed only under version 2. A slightly modified (to remove the original author's details from the configuration) version of the original is available in revision 36 of the repository.