[rt-users] Question about User->PGPKey
Jesse Vincent
jesse at bestpractical.com
Tue Aug 23 16:58:01 EDT 2005
On Mon, Aug 22, 2005 at 10:26:31PM +0200, Jan Hudec wrote:
> Hello,
>
> During debugging of Auth::GnuPG enahncement I've noticed that there is
> User->PGPKey defined, but is does not seem to be possible to set it anywhere
> in the web interface. What was the plan with this field?
The field has been there for a couple years. We've never used it ;)
>
> That is I currently have a modified Auth::GnuPG, that, after veryfying the
> signature looks for "Keys" custom field of the user and compares the key-id
> (unfortunately it only returns the short key-id) to values of that field. If
> it matches, that user is authenticated. Otherwise, the mail is rejected. My
> keydir contains gpg.conf with 'keyserver' option, so the actual keys are
> downloaded and the IDs are then verified.
What we've generally recommended was that you not use a keyserver and
_DO_ keep all your trusted keys in the keyring. It just feels easier to
maintain for us.
Jesse
> So I wanted to know, if the 'PGPKey' field was meant to be used like this, or
> how it was meant to be used.
>
> --
> Jan 'Bulb' Hudec <bulb at ucw.cz>
> _______________________________________________
> http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users
>
> Be sure to check out the RT Wiki at http://wiki.bestpractical.com
--
More information about the rt-users
mailing list