2009年9月17日

[debian-users:52994] caffの使い方について


こんばんは。吉田@板橋です
キーサインパーティお疲れ様でした。

早速、キーサインをしてみようと思い、紹介されたcaffを
使ってみようとしましたが、下記のエラーで使えませんでした。

[NOTICE] Import failed for: 40AD1FA6.

No public keys found with list-key 40AD1FA6 (note that caff uses its own keyring in /home/user/.caff/gnupghome).

結局、下記のようにキーサイン参加者の鍵束を取り込んでから実行したら解決し
た様に見えます。


$ gpg --homedir /home/user/.caff/gnupghome --import ksp-200909.gpg

しかし、相変わらず、
[NOTICE] Import failed for: hogehoge
は表示されます。
これで正しい動作でしょうか?


以下詳細

ログ(異常時)
$ caff -u E358BEFB 40AD1FA6
[INFO] Importing key 7258EBFBE358BEFB from your normal GnuPGHome.
[INFO] fetching keys, this will take a while...
[NOTICE] Import failed for: 40AD1FA6.
Some keys could not be imported - continue anyway? [y/N] y
[WARN] Assuming 40AD1FA6 is a fine keyid.
[INFO] Sign the following keys according to your policy, then exit gpg with 'save' after signing each key
gpg --local-user E358BEFB --homedir=/home/user/.caff/gnupghome --secret-keyring /home/userfaith/.gnupg/secring.gpg --no-aut
o-check-trustdb --trust-model=always --edit 40AD1FA6 sign
gpg: 警告: homedir 「/home/user/.caff/gnupghome」の安全でない許可
gpg (GnuPG) 1.4.9; Copyright (C) 2008 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

No public keys found with list-key 40AD1FA6 (note that caff uses its own keyring in /home/user/.caff/gnupghome).

ログ(正常時)
$ caff -u E358BEFB 40AD1FA6
[INFO] Importing key 7258EBFBE358BEFB from your normal GnuPGHome.
[INFO] fetching keys, this will take a while...
[NOTICE] Import failed for: 40AD1FA6.
Some keys could not be imported - continue anyway? [y/N] y
[WARN] Assuming 40AD1FA6 is a fine keyid.
[INFO] Sign the following keys according to your policy, then exit gpg with 'save' after signing each key
gpg --local-user E358BEFB --homedir=/home/user/.caff/gnupghome --secret-keyring /home/user/.gnupg/secring.gpg --no-aut
o-check-trustdb --trust-model=always --edit 40AD1FA6 sign
gpg: 警告: homedir 「/home/user/.caff/gnupghome」の安全でない許可
gpg (GnuPG) 1.4.9; Copyright (C) 2008 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
本当に全ユーザーIDに署名しますか? (y/N) y

pub 4096R/40AD1FA6 作成: 2009-06-25 満了: 無期限 利用法: SC
主鍵の指紋: 5E62 9EE5 2321 9735 7B84 CF43 3224 7FBB 40AD 1FA6
(中略)

変更を保存しますか? (y/N) Y
(中略)
[INFO] key 40AD1FA6 done.
Mail signature for Nobuhiro Iwamatsu to 'iwamatsu@xxxxx'? [Y/n] Y
(略)
$

ディストリービューション lenny
$ cat /etc/debian_version
5.0.3

設定
$ cat /home/faith/.caffrc
# .caffrc -- vim:ft=perl:
# This file is in perl(1) format - see caff(1) for details.

$CONFIG{'owner'} = 'Yoshida Shunsuke';
$CONFIG{'email'} = 'koedoyoshida@xxxxx';
#$CONFIG{'reply-to'} = 'foo@xxxxx';

# You can get your long keyid from
# gpg --with-colons --list-key <yourkeyid|name|emailaddress..>
#
# If you have a v4 key, it will simply be the last 16 digits of
# your fingerprint.
#
# Example:
# $CONFIG{'keyid'} = [ qw{FEDCBA9876543210} ];
# or, if you have more than one key:
# $CONFIG{'keyid'} = [ qw{0123456789ABCDEF 89ABCDEF76543210} ];
$CONFIG{'keyid'} = [ qw{7258EBFBE358BEFB} ];

# Select this/these keys to sign with
#$CONFIG{'local-user'} = [ qw{7258EBFBE358BEFB} ];

# Additionally encrypt messages for these keyids
$CONFIG{'also-encrypt-to'} = [ qw{7258EBFBE358BEFB} ];

# Mail template to use for the encrypted part
$CONFIG{'mail-template'} = << 'EOM';
Hi,

please find attached the user id{(scalar @uids >= 2 ? 's' : '')}
{foreach $uid (@uids) {
$OUT .= "\t".$uid."\n";
};}of your key {$key} signed by me.
#
#If you have multiple user ids, I sent the signature for each user id
#separately to that user id's associated email address. You can import
#the signatures by running each through `gpg --import`.
#
#Note that I did not upload your key to any keyservers. If you want this
#new signature to be available to others, please upload it yourself.
#With GnuPG this can be done using
# gpg --keyserver subkeys.pgp.net --send-key {$key}
#
#If you have any questions, don't hesitate to ask.
#
#Regards,
#{$owner}
EOM

$ cat ~/.caff/gnupghome/gpg.conf
cert-digest-algo SHA512
personal-digest-preferences SHA512

以上識者のかたよろしくお願いします。
-------------------------------
吉田

投稿者 xml-rpc : 2009年9月17日 02:25
役に立ちました?:
過去のフィードバック 平均:(0) 総合:(0) 投票回数:(0)
本記事へのTrackback: http://hoop.euqset.org/blog/mt-tb2006.cgi/88687
トラックバック
コメント
コメントする




画像の中に見える文字を入力してください。