tech-security: Re: adding gpg to src/gnu/dist

Subject: Re: adding gpg to src/gnu/dist
To: der Mouse <mouse@Rodents.Montreal.QC.CA>
From: Love <lha@stacken.kth.se>
List: tech-security
Date: 05/17/2004 20:23:21

--=-=-=

der Mouse <mouse@Rodents.Montreal.QC.CA> writes:

> (S/MIME, maybe?)  The nbsvtool (or whatever) signatures can be checked
> by the NetBSD tools

nbsvtool generate CMS signatures, S/MIME is CMS signature. all nbsvtool
gives you is a simple interface that pkg tools can use.

	nbsvtool verify-code file && echo whoho all is fine

The openssl command can be used to verify and generate sigatures for/to
nbsvtool. If you check the webpage/code, there are examples how you do it.

Of course the pkg format should signature type independ, I dont really like
the whole x509 mess, but I think that pgp is worse for this application.

Love

--=-=-=
Content-Type: application/pgp-signature

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (NetBSD)

iQEVAwUAQKkDJHW+NPVfDpmCAQLupggAlmb8grNUeoSqyfAoMaJnPrsDQWP3Nw4V
SNeNagFPa5wF8AUq4rokZLMT+Rrvs49Nstw0eVBr4LrzBvVuYxgd+uOHS8mzjg6A
/xEZMmoj2bHjH3G/bjRa75jtc3jlhbvuY1N9K3PQjoZY/sQQcNVxhHZX56atSacU
ld1w6nPOmSD/kA5apKmCdu3RxTduKsju9GEZ01xb8JAuHNJ0CxlxVUiitgLOB23o
mTw0EpfrvNW6SoaIFlcMitmKvjmTfSkBxqgxGr2apCHXPoIfjNXp9sDy+Fvfgbqd
V0CIWlReD2MpNWBZMBQ42+vAve4eZRtWQpQgnHbfxAqGNzsc29gscQ==
=3KRM
-----END PGP SIGNATURE-----
--=-=-=--