Gentoo Archives: gentoo-dev

From: Kristian Fiskerstrand <k_f@g.o>
To: gentoo-dev@l.g.o, Rich Freeman <rich0@g.o>
Subject: Re: [gentoo-dev] Best way to create a GLEP 63 compliant GPG key on Nitrocard?
Date: Thu, 25 Apr 2019 20:56:28
In Reply to: Re: [gentoo-dev] Best way to create a GLEP 63 compliant GPG key on Nitrocard? by Rich Freeman
1 On 4/25/19 10:48 PM, Rich Freeman wrote:
2 > I think a big problem is that gpg is sorely lacking in command line
3 > commands/options for key management. Almost anything having to do
4 > with key management involves a back-and-forth console interaction.
6 Yes and no.. One issue is it depends on context, which differs, for
7 generating a new TPK everything is easy to document, but from there
8 things gets curious for how to adjust existing key material.
10 The main issue is security can't be solved technically, it is ultimately
11 requires social interaction and proper procedures / policy (if you
12 haven't seen the movie Crimson Tide, now is the time to do so, it is the
13 only movie I'm aware of that is singularly about proper security procedure)
15 E.g --quick-add-key can be easily used to generate a new signing subkey
16 from a default generated key, but why not just do an addkey in
17 interactive mode?
19 Quite frankly I'd expect a Gentoo Developer to be able to manage the gpg
20 interface.
22 --
23 Kristian Fiskerstrand
24 OpenPGP keyblock reachable at hkp://
25 fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3


File name MIME type
signature.asc application/pgp-signature