Checking OpenPGP Key and Signature Revocations

Today, I was responding to an issue on Mayfirst's issue tracker, involving the ssh key for a decommissioned server having never been revoked (and thus still active in the monkeysphere). Since the ticket had languished without followup for two years, I wanted to see if the work had been done, and just not commented on, so I went to check for revocations. There was only one problem — I rarely do that and realized that the process wasn't clear in my mind.

A little bit of searching on the Internet turned up descriptions and howtos about creating and publishing revocation certificates. Also, many layers of links back to some version of the GPG manual. Read up there for background on key and signature revocation.

To fill the lazy search void that I found, here is a quick and dirty guide to determining revoked keys and signatures.


Ikiwiki, In Squeeze Backports, and on MFPL

This fairly new and simple blog has actually been months in the making. Almost two months at this point. For many reasons, I've been falling down what seems like an unending rabbit hole with Ikiwiki. Somewhere towards the bottom I found that I had backported ikiwiki, and written an ikiwiki puppet module for Mayfirst servers, and was working on an auto.setup file specific to MFPL servers.

Launching this site was far harder than I had imagined when I first started setting up Ikiwiki. It turned into about four different projects.


Comments on this page are closed.