Re: Remote signing of large files

2008-12-08 Thread Magnus Therning
Douglas A. Tutty wrote: > On Sun, Dec 07, 2008 at 11:10:29AM +, Magnus Therning wrote: >> Douglas A. Tutty wrote: >>> On Thu, Dec 04, 2008 at 12:26:31PM +, Magnus Therning wrote: > >>> I wonder about the latest comment on this thread. Examine why you don't >>> want the secret key on the

Re: Remote signing of large files

2008-12-07 Thread Douglas A. Tutty
On Sun, Dec 07, 2008 at 11:10:29AM +, Magnus Therning wrote: > Douglas A. Tutty wrote: > > On Thu, Dec 04, 2008 at 12:26:31PM +, Magnus Therning wrote: > > I wonder about the latest comment on this thread. Examine why you don't > > want the secret key on the build server and why you woul

Re: Remote signing of large files

2008-12-07 Thread Magnus Therning
Douglas A. Tutty wrote: > On Thu, Dec 04, 2008 at 12:26:31PM +, Magnus Therning wrote: >> At work I want to add signing to our automatic build system. In >> theory it's a simple application of `gpg` at the end of building to >> get a detached signature would do, but I'm weary of sticking the >

Re: Remote signing of large files

2008-12-06 Thread Douglas A. Tutty
On Thu, Dec 04, 2008 at 12:26:31PM +, Magnus Therning wrote: > At work I want to add signing to our automatic build system. In > theory it's a simple application of `gpg` at the end of building to > get a detached signature would do, but I'm weary of sticking the > secret key on the build serv

Re: Remote signing of large files

2008-12-06 Thread Boyd Stephen Smith Jr.
On Saturday 06 December 2008, Magnus Therning <[EMAIL PROTECTED]> wrote about 'Re: Remote signing of large files': >Boyd Stephen Smith Jr. wrote: >> Please don't CC me on replies, unless I request one. It is against >> debian-* list policy. > >Sure, and

Re: Remote signing of large files

2008-12-06 Thread Tzafrir Cohen
On Sat, Dec 06, 2008 at 08:21:12PM +0200, subscriptions wrote: > > > On Thu, Dec 04, 2008 at 12:26:31PM +, Magnus Therning wrote: > > I'd feel a bit more safe if the signing could be done on a separate > > server. However, the built files are large and I don't want to > > introduce a bottle ne

Re: Remote signing of large files

2008-12-06 Thread Magnus Therning
Magnus Therning" <[EMAIL PROTECTED]> >>> wrote >>> about 'Remote signing of large files': >>>> So, my idea was to somehow separate the two steps that GnuPG performs >>>> under the hood when signing, creating the message digest (hash) and

Re: Remote signing of large files

2008-12-06 Thread subscriptions
> On Thu, Dec 04, 2008 at 12:26:31PM +, Magnus Therning wrote: > I'd feel a bit more safe if the signing could be done on a separate > server. However, the built files are large and I don't want to > introduce a bottle neck by transfering all files back and forth over > the network. The above

Re: Remote signing of large files

2008-12-06 Thread Magnus Therning
Osamu Aoki wrote: > On Thu, Dec 04, 2008 at 12:26:31PM +, Magnus Therning wrote: >> At work I want to add signing to our automatic build system. In >> theory it's a simple application of `gpg` at the end of building to >> get a detached signature would do, but I'm weary of sticking the >> secr

Re: Remote signing of large files

2008-12-05 Thread Osamu Aoki
On Thu, Dec 04, 2008 at 12:26:31PM +, Magnus Therning wrote: > At work I want to add signing to our automatic build system. In > theory it's a simple application of `gpg` at the end of building to > get a detached signature would do, but I'm weary of sticking the > secret key on the build serv

Re: Remote signing of large files

2008-12-05 Thread Boyd Stephen Smith Jr.
Please don't CC me on replies, unless I request one. It is against debian-* list policy. On Friday 2008 December 05 15:49, you wrote: > Boyd Stephen Smith Jr. wrote: > > On Thursday 04 December 2008, "Magnus Therning" <[EMAIL PROTECTED]> > > wrote >

Re: Remote signing of large files

2008-12-05 Thread Magnus Therning
Boyd Stephen Smith Jr. wrote: > On Thursday 04 December 2008, "Magnus Therning" <[EMAIL PROTECTED]> wrote > about 'Remote signing of large files': >> I'd feel a bit more safe if the >> signing could be done on a separate server. However, the built

Re: Remote signing of large files

2008-12-04 Thread Boyd Stephen Smith Jr.
On Thursday 04 December 2008, "Magnus Therning" <[EMAIL PROTECTED]> wrote about 'Remote signing of large files': >I'd feel a bit more safe if the >signing could be done on a separate server. However, the built files >are large and I don't want to intr

Re: Remote signing of large files

2008-12-04 Thread Magnus Therning
On Thu, Dec 4, 2008 at 12:30 PM, Thomas Karpiniec <[EMAIL PROTECTED]> wrote: > Hi Magnus, > > Magnus Therning wrote: >> At work I want to add signing to our automatic build system. In >> theory it's a simple application of `gpg` at the end of building to >> get a detached signature would do, but I

Re: Remote signing of large files

2008-12-04 Thread Thomas Karpiniec
Hi Magnus, Magnus Therning wrote: > At work I want to add signing to our automatic build system. In > theory it's a simple application of `gpg` at the end of building to > get a detached signature would do, but I'm weary of sticking the > secret key on the build servers. I'd feel a bit more safe

Remote signing of large files

2008-12-04 Thread Magnus Therning
At work I want to add signing to our automatic build system. In theory it's a simple application of `gpg` at the end of building to get a detached signature would do, but I'm weary of sticking the secret key on the build servers. I'd feel a bit more safe if the signing could be done on a separate