I went to a keysigning last night, and started playing with some software for graphing the web of trust. I have generated some images that are kinda cool, and you can see them at http://apacheadmin.com/gpg/
I generated this using graphviz (http://www.research.att.com/sw/tools/graphviz/) and sig2dot.pl (http://www.chaosreigns.com/code/sig2dot/)
The procedure for generating one of these from your keyring is:
gpg --list-sigs | ./sig2dot.pl > keyring.dot neato -Tps keyring.dot > keyring.ps convert keyring.ps keyring.jpg convert -size 100x200 keyring.jpg keyring_thumb.jpg
A couple notes, should you try this at home.
1) I could not figure out how to get it to just run from a particular keyring, and so I actually moved my real keyring to a backup, and replaced it with the one I wanted to work with. There's probably another way to do this.
2) If there are more than 100 or so keys on a ring, this takes an enormous amount of time and memory. I tried to generate one for my entire keyring, and gave up after an hour.
3) I have wasted the entire morning doing this. Be warned that, if you're into this kind of thing, you may not get anything done for the rest of the day. So, at least somebody tell me that this is the coolest thing you have seen today, so that I don't feel like I have completely watest my time. ;-)
4) No, I don't know what the colors mean. I know that I saw it explained somewhere, but I don't remember where, or what the explanation was.
This is kinda cool, I wonder if you updated the sigs from the keyservers or just used KEYS files? I ask coz I suspect the KEYS files have not been properly updated since ApacheCon, where much signing was done.
Cheers,
Ben.
-- http://www.apache-ssl.org/ben.html http://www.thebunker.net/
"There is no limit to what a man can do or how far he can go if he doesn't mind who gets the credit." - Robert Woodruff
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
