On 4/25/19 10:48 PM, Rich Freeman wrote:
> I think a big problem is that gpg is sorely lacking in command line
> commands/options for key management. Almost anything having to do
> with key management involves a back-and-forth console interaction.

Yes and no. One issue is that it depends on context, which differs: for generating a new TPK everything is easy to document, but from there things get curious for how to adjust existing key material.

The main issue is that security can't be solved technically; it ultimately requires social interaction and proper procedures / policy (if you haven't seen the movie Crimson Tide, now is the time to do so; it is the only movie I'm aware of that is singularly about proper security procedure).

E.g. --quick-add-key can be easily used to generate a new signing subkey from a default generated key, but why not just do an addkey in interactive mode? Quite frankly, I'd expect a Gentoo Developer to be able to manage the gpg interface.

-- 
Kristian Fiskerstrand
OpenPGP keyblock reachable at hkp://pool.sks-keyservers.net
fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3
