pgp.mit.edu
seth vidal
skvidal at fedoraproject.org
Mon Feb 25 18:21:40 UTC 2008
On Mon, 2008-02-25 at 13:20 -0500, Ricky Zhou wrote:
> > The FAS just needs to be able to access the key someone has signed the
> > CLA with, right? Perhaps instead of requiring any particular
> > keyserver at all, the sign up could just let the user paste their key?
> > Then, with a little bit of pygpgme (or whatever glue you like), add
> > that key to an FAS keyring and verify the CLA signature. I could be
> > missing something obvious about why the process requires using a
> > keyserver, but it seems to me like that requirement could be removed
> > without much trouble.
> For what it's worth, this would make it way easier to implement from the
> pygpgme side. Right now, I don't see any nice mechanism for downloading
> keys from the keyserver (although I might just be missing it), and the
> current CLA code uses kind of a hack with keyserver-options auto-key-retrieve,
> which only works when we're verifying a signature.
>
We can definitely break the key up with pygpgme - but to be fair
downloading keys from the keyserver can be done using hkp.
-sv
More information about the Fedora-infrastructure-list
mailing list