[Pki-clean-room-devel] Consider Keysafe
Daniel Pocock
daniel at pocock.pro
Tue Nov 29 10:23:30 UTC 2016
On 29/11/16 10:28, Jonathan McDowell wrote:
> On Mon, Nov 28, 2016 at 03:13:54PM -0700, Sean Whitton wrote:
>> Hello PGP clean room devs,
>>
>> Possibly there has been a discussion of this somewhere, but I'd
>> like to suggest you consider Keysafe for the USB backup of master
>> keys. Here's a blog post from the Keysafe author about how it
>> can be used in this way:
>> https://joeyh.name/blog/entry/keysafe_with_local_shares/
>>
>> Keysafe is available from Debian experimental. It won't be
>> unstable until it's gone through a security audit, and a lot more
>> development. I don't know what your timescale is for this
>> project, but hopefully Keysafe is at least worth considering.
>
> There's also libgfshare (and libgfshare-bin) which is in jessie but
> only handles the local copies situation.
>
> http://www.digital-scurf.org/software/libgfshare
>
Could you please add these things to the wiki?
Perhaps we can request a pseudo-package in the BTS for the clean room,
then people can register ideas like this as wishlist bugs and propose
various solutions through the BTS? Or perhaps the script to build the
clean room could become a package itself and then it will
automatically be in the BTS?
Regards,
Daniel
More information about the PKI-Clean-Room-Devel
mailing list