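--- a/README.txt Sun Mar 30 23:58:12 2014 +0200
+++ b/README.txt Wed Sep 03 13:30:07 2014 +0200
@@ -511,6 +511,24 @@
 of the exported key other than the originator was able to sign it with the
 same keypair information.
 
+An alternative can involve bundling a secret with an exported key:
+
+To export a public key, the following command can be used:
+
+python tests/text_export.py 1C1AAF83 --secret
+
+This does nothing more than put a key in one message part and a secret entered
+on standard input in another part. However, the combination can then be
+encrypted and sent in a form where the secret is clearly associated with the
+key and can thus vouch for its authenticity:
+
+ python tests/text_export.py 1C1AAF83 --secret \
+| python tests/test_encrypt.py 0891463A
+
+Here, only the recipient with key 0891463A can read the specified secret,
+check it with their copy of the secret, and thus come to a conclusion about
+the validity of the key provided.
+
 The Message Format
 ------------------
 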
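--- a/tests/test_export.py Sun Mar 30 23:58:12 2014 +0200
+++ b/tests/test_export.py Wed Sep 03 13:30:07 2014 +0200
@@ -1,10 +1,12 @@
 #!/usr/bin/env python
 
 from MoinMessage import GPG, Message
+from email.mime.text import MIMEText
 import sys
 
 if __name__ == "__main__":
 keyid = sys.argv[1]
+ use_secret = sys.argv[2:3] in [["-s"], ["--secret"]]
 
 gpg = GPG()
 key = gpg.exportKey(keyid)
@@ -13,9 +15,16 @@
 message = Message()
 message.add_update(key)
 
+ # Get any secret
+
+ if use_secret:
+ print >>sys.stderr, "Secret..."
+ secret = sys.stdin.read().strip()
+ message.add_update(MIMEText(secret))
+
 # Show the resulting text.
 
- text = message.get_payload()
+ text = message.get_payload(subtype=use_secret and "x-moinmessage-keys" or None)
 print text
 
 # vim: tabstop=4 expandtab shiftwidth=4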
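Review bot: In the second hunk an empty secret is accepted. `secret = sys.stdin.read().strip()` yields `""` when stdin is closed or holds only whitespace, yet the part is still added and the payload is still emitted with the `x-moinmessage-keys` subtype. The recipient then gets a key bundle whose vouching secret is blank, which presumably should never count as a match; reject it before `message.add_update(MIMEText(secret))` with `if not secret: sys.exit("No secret given")`. The secret is also read with terminal echo and written in the clear by `print text`, so it is protected only when the output is piped into the encryption step the README describes; a comment above `print text` saying so would help. The lines of the `__main__` block between the two hunks are not visible here.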