1.1 --- a/README.txt Wed Oct 16 15:59:19 2013 +0200
1.2 +++ b/README.txt Wed Oct 16 16:11:30 2013 +0200
1.3 @@ -26,10 +26,12 @@
1.4 Configuring GPG: Signing Keys
1.5 -----------------------------
1.6
1.7 -To be in any way useful, signing keys must be made available within this
1.8 -homedir so that incoming messages can have their senders verified.
1.9 +For a wiki to be able to receive content, signing keys must be made available
1.10 +within the wiki's GPG homedir so that incoming messages can have their senders
1.11 +verified.
1.12
1.13 -To see the keys available to you in your own environment:
1.14 +Consider the need to send content to a wiki yourself. To see the keys
1.15 +available to you in your own environment:
1.16
1.17 gpg --list-keys --with-fingerprint
1.18
1.19 @@ -45,6 +47,9 @@
1.20
1.21 gpg --homedir WIKI/gnupg --import 1C1AAF83.asc
1.22
1.23 +Signing keys can also be used in the authoring of messages within a wiki, and
1.24 +this is discussed in "The Username-to-Signing-Key Mapping" section below.
1.25 +
1.26 Configuring GPG: Encryption Keys
1.27 --------------------------------
1.28
1.29 @@ -69,7 +74,7 @@
1.30 gpg --import 0891463A.asc
1.31
1.32 This key can also be used to sign relayed messages, and this is described in
1.33 -more detail below.
1.34 +more detail in "The Username-to-Signing-Key Mapping" section below.
1.35
1.36 Configuring the Wiki
1.37 --------------------
1.38 @@ -165,7 +170,7 @@
1.39 added to this mapping and specify the same relaying user; there is no
1.40 restriction on each fingerprint needing to map to a different user.
1.41
1.42 -The Username-to-Signing Key Mapping
1.43 +The Username-to-Signing-Key Mapping
1.44 -----------------------------------
1.45
1.46 The mapping from usernames to fingerprints typically defined by the
1.47 @@ -181,6 +186,15 @@
1.48 whereas the signing of messages requires access to a private key. Thus, the
1.49 signing process employs a special private key known to the wiki for a user.
1.50
1.51 +To create such a key, the following command can be used:
1.52 +
1.53 +gpg --homedir WIKI/gnupg --gen-key
1.54 +
1.55 +This is just like creating a key for the wiki itself (see "Configuring GPG for
1.56 +a Wiki" above), but you will label the key appropriately for the user and
1.57 +associate the key with the user in the mapping described above. Remember to
1.58 +remove the passphrase so that the wiki can access the key.
1.59 +
1.60 If a wiki is to perform message relaying, the special relaying user must be
1.61 defined in this mapping together with an appropriate key fingerprint. You can
1.62 use the key generated during the wiki's configuration (see "Configuring GPG