Thought I'd contribute my brief understanding of
package signing using openssl. I believe this package can
be customized on install so that it only provides the
tools you need. Package signing only needs (I believe) 4:
md5, rsautl, genrsa, and rsa.
First, you need the md5 hash of
> And Jack Coats pointed out gpgv that might fit on a CD (283932 bytes),
> to which Jeff Newmiller reminded all that gpg will take that much
> ramdisk + RAM to run in...
>
> gpgv is the verification only part, and looking through the source code,
> most of it is gpg "stubbed out" (to be as small a
On Tue, 4 Dec 2001, Charles Steinkuehler wrote:
> Yeah, I think it's pretty big, plus I believe most of these packages
require
> openssl and other huge add-ons to run. The basics of public-key
> cryptography, however, are pretty simple, so I think it'd be possible to
> make a small (a few K, pe
