> On Jun 17, 2010, at 11:33 PM, Boris wrote: > > > Hi, > > > > I would like to know if there is a way to add multiple signatures for a > > file (in a separate file) and check who signed with just one command (so > > not by signing a signed file...). > > Sure. > > gpg -u signer_1 -u signer_2 -u signer_3 --detach-sign file-to-sign > > You'll end up with a file-to-sign.sig that contains all three signatures. > When you verify file-to-sign.sig, all three signatures will be checked. > > Alternately, you can do the same "multiple signer" trick with regular --sign > if you want the data and signatures to be put together into a single file.
On Jun 18, 2010, at 9:14 AM, Boris wrote: > Ok, Thanks David, > > But what if the file is signed by people working on different computers? > So they will had their signature on the current separate file (correesponding > to the people who already signed a specific file). If you want a bunch of people all signing the same file, have each signer do this: gpg -u signer-X -o signer-X-signature --detach-sign file-to-sign Then have them all send you their "file-to-sign.sig" files. You create a file containing all of them: cat signer-1-signature signer-2-signature signer-3-signature > file-to-sign.sig Then anyone can verify file-to-sign.sig against the original file-to-sign and see all the signatures verified. David _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
