Checking OpenPGP Key and Signature Revocations

Today, I was responding to an issue on Mayfirst's issue tracker, involving the ssh key for a decommissioned server having never been revoked (and thus still active in the monkeysphere). Since the ticket had languished without followup for two years, I wanted to see if the work had been done, and just not commented on, so I went to check for revocations. There was only one problem — I rarely do that and realized that the process wasn't clear in my mind.

A little bit of searching on the Internet turned up descriptions and howtos about creating and publishing revocation certificates. Also, many layers of links back to some version of the GPG manual. Read up there for background on key and signature revocation.

To fill the lazy search void that I found, here is a quick and dirty guide to determining revoked keys and signatures.


Ikiwiki, In Squeeze Backports, and on MFPL

This fairly new and simple blog has actually been months in the making. Almost two months at this point. For many reasons, I've been falling down what seems like an unending rabbit hole with Ikiwiki. Somewhere towards the bottom I found that I had backported ikiwiki, and written an ikiwiki puppet module for Mayfirst servers, and was working on an auto.setup file specific to MFPL servers.

Launching this site was far harder than I had imagined when I first started setting up Ikiwiki. It turned into about four different projects.


Ahead of the curve, I start a blog

I just heard a about this new thing, they call it a blog! Have you heard? As one who is always up on their latest tech, I welcome you to my blog.

So, yeah, I'm really late to the whole blogging thing. If it were 2004, I might be ahead of the curve, but like a true trend setter I've waited until no one cares anymore. These days, setting up a blog is about as exciting as setting up an email address. But, like email, blogs are now a part of the way information travels on the Internet.


Privilege Separation Using Xpra

This is the next in a series on changes I made when I upgraded from Debian squeeze to wheezy (see the first one). I decided to take to opportunity of the upgrade to do some better privilege separation on my system. The goal was to get the software that I don't think should have any access to the rest of my running X session, to run as its own user and be completely cut off from my X session. This had to happen in a way that doesn't change my work flow and browsing habits. I accomplished this using Xpra, and some handler scripts.


Getting startx, Consolekit and Xfce 4.8 to play nicely in Debian wheezy

I recently upgraded from Debian squeeze to wheezy. As happens with these upgrades, I was awash in things that no longer worked quite the way I expected them to, and configuration changes to make.

This is the first of a couple pieces on what I did to get things working to my liking. As the title suggest, this is about the the interactions of startx, ConsoleKit, and Xfce 4.8. Or, more accurately, how the interactions between those things broke in my setup when I upgraded, and how I got it working again.


Comments on this page are closed.