Verifying and checksumming new release is somewhat cumbersom

2020-11-26 Thread john doe via Gnupg-users 

Hello all,

I see that at (1) and (2) the public keys block and the sha1sums
respectively are listed on their corresponding page.

Is there a URL to download those sha1sums and those public keyss as  files?

That is for checksumming I could simply do:

$ wget 
$ sha1sum -c  --ignore-missing

and for the public key I could do something like:

$ wget 
$ gpg --import 
$ gpg --verify *.sig

I understand that for this last step I could also do:

$ gpg --keyserver-options auto-key-retrieve veirfy *.sig


Any feedback is appreciated.

P.S.

If I can I'll be more than happy to help tweaking the release process in
that regard.


1)  https://gnupg.org/download/integrity_check.html
2)  https://gnupg.org/signature_key.html

--
John Doe

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Five volunteers needed (EU only please)

2020-11-26 Thread Dirk Gottschalk via Gnupg-users 
Hello Stefan.

Am Montag, den 05.10.2020, 17:37 +0200 schrieb Stefan Claas:
> Hi all,
> 
> while I did some JAB-Code experiments with MMS, to send GnuPG
> messages with a dumb
> phone, I came up now with a new idea. :-)
> 
> For that I need five people who are willing to share with me their
> postal address.
> You can send me your address GnuPG encrypted. I will not store your
> address on my
> computer and will delete your email, once I received it.
> 
> My new idea is to send encrypted postcards or letters, with an NFC
> tag attached,
> containing a GnuPG clearsigned test message. I like to see if the
> postcards will
> arrive in proper condition, so that the NFC tags are still readable.
> [...]

For this test I would suggest to not use NFC stickers or anything like
that. I would suggest using plastic cards with embedded NFC Tags.

The reason for my suggestion. I'm working at a company which creates
and sells solutions for european transportation and logistics
companies. We use NFC tags for a drivers license check. These are
stickers on the drivers license card to check if it is available.
Removing them from the card destroys them. We now had multiple times
the problem that those stickers were dead on arrival. We did a fw tests
ans saw that the problem occurs only after the tags were on the postal
way. Perhaps some strong magnetic fields in the postal systems, or
anything like that.

Now as we send and receive those tags in boxes, we didn't have Problems
anymore.

Cards never had this problem, as far as I can tell.

The Tags should have enough memory to take encrypted messages. I think
at least 12k. The more memory, the longer can the message be.

Another benefit of using plastic cards instead of sticker tags is: They
are reusable.

Kind regards,
Dirk

-- 
Dirk Gottschalk

GPG key Fingerprint: C8F4 4499 861E D5B7 66FC  18F5 8E34 AF58 6574 32C8
Keyoxide: https://keybase.io/dgottschalk
GitHub: https://github.com/Dirk1980ac



signature.asc
Description: This is a digitally signed message part
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users