Opened 4 years ago

Last modified 4 years ago

#46 new task

Key import/export

Reported by: Silvio Rhatto Owned by: Silvio Rhatto
Priority: major Milestone: hardened
Component: packaging Version: 2.0.0
Keywords: Cc:

Description (last modified by Silvio Rhatto)

Add export-keys, export-secret-keys and import-keys actions which export/import keys from the OpenPGP keyring to a keyringer secret.

This is useful for sharing an OpenPGP Role Key, backing up collective/mailing list keys and also use keyringer as an alternative sharing scheme for OpenPGP keys other thank keyservers.

Key refreshing from keyringer <keyring> check might have a feature to not use keyservers and instead refresh keys just from the keyring repository.

Change History (4)

comment:1 Changed 4 years ago by Silvio Rhatto

Description: modified (diff)

comment:2 Changed 4 years ago by Silvio Rhatto

Description: modified (diff)

comment:3 Changed 4 years ago by Silvio Rhatto

We could consider a set of actions that would mimic the usage of a OpenPGP keyserver by a closed group. This is a rough sketch:

  • gpg-import <path> <fingerprint> (or import-gpg-key): import a key matching <fingerprint> from your GnuPG keyring to the secret named path at your keyring.
  • gpg-export <path> (or export-gpg-key): export a key stored at the secret named <path> to your GnuPG keyring.
  • refresh-keys: sync your GnuPG keyring with keys available at the keys/keyring folder from your keyring.
  • send-keys <fingerprints>: sync the keys keys/keyring folder from your keyring with the ones available at your GnuPG keyring.
  • recv-keys <fingerprints>: get a key available at keys/keyring folder from your keyring and import at your GnuPG keyring.

comment:4 Changed 4 years ago by Silvio Rhatto

We also might consider the check action to automatically run refresh-keys if keys/keyring folder is available.

Note: See TracTickets for help on using tickets.