aboutsummaryrefslogtreecommitdiffhomepage
path: root/doc/html/GnuPG-signature/index.html
diff options
context:
space:
mode:
authorVirtualTam <virtualtam@flibidi.net>2017-08-01 19:00:03 +0200
committerVirtualTam <virtualtam@flibidi.net>2017-08-02 14:48:41 +0200
commit9ff77362fe3c132ac390399e184424edcbfcf90a (patch)
tree8fa58c4a9cf32c80b766527b8792c6b277532a0b /doc/html/GnuPG-signature/index.html
parentc71c7e2bd49be4123a79d0bf9a882ea516f07674 (diff)
downloadShaarli-9ff77362fe3c132ac390399e184424edcbfcf90a.tar.gz
Shaarli-9ff77362fe3c132ac390399e184424edcbfcf90a.tar.zst
Shaarli-9ff77362fe3c132ac390399e184424edcbfcf90a.zip
documentation: remove generated HTML from SCM
Relates to https://github.com/shaarli/Shaarli/issues/908 Signed-off-by: VirtualTam <virtualtam@flibidi.net>
Diffstat (limited to 'doc/html/GnuPG-signature/index.html')
-rw-r--r--doc/html/GnuPG-signature/index.html427
1 files changed, 0 insertions, 427 deletions
diff --git a/doc/html/GnuPG-signature/index.html b/doc/html/GnuPG-signature/index.html
deleted file mode 100644
index 82e22070..00000000
--- a/doc/html/GnuPG-signature/index.html
+++ /dev/null
@@ -1,427 +0,0 @@
1<!DOCTYPE html>
2<!--[if IE 8]><html class="no-js lt-ie9" lang="en" > <![endif]-->
3<!--[if gt IE 8]><!--> <html class="no-js" lang="en" > <!--<![endif]-->
4<head>
5 <meta charset="utf-8">
6 <meta http-equiv="X-UA-Compatible" content="IE=edge">
7 <meta name="viewport" content="width=device-width, initial-scale=1.0">
8
9
10 <link rel="shortcut icon" href="../img/favicon.ico">
11 <title>GnuPG signature - Shaarli Documentation</title>
12 <link href='https://fonts.googleapis.com/css?family=Lato:400,700|Roboto+Slab:400,700|Inconsolata:400,700' rel='stylesheet' type='text/css'>
13
14 <link rel="stylesheet" href="../css/theme.css" type="text/css" />
15 <link rel="stylesheet" href="../css/theme_extra.css" type="text/css" />
16 <link rel="stylesheet" href="../css/highlight.css">
17 <link href="../github-markdown.css" rel="stylesheet">
18
19 <script>
20 // Current page data
21 var mkdocs_page_name = "GnuPG signature";
22 var mkdocs_page_input_path = "GnuPG-signature.md";
23 var mkdocs_page_url = "/GnuPG-signature/";
24 </script>
25
26 <script src="../js/jquery-2.1.1.min.js"></script>
27 <script src="../js/modernizr-2.8.3.min.js"></script>
28 <script type="text/javascript" src="../js/highlight.pack.js"></script>
29
30</head>
31
32<body class="wy-body-for-nav" role="document">
33
34 <div class="wy-grid-for-nav">
35
36
37 <nav data-toggle="wy-nav-shift" class="wy-nav-side stickynav">
38 <div class="wy-side-nav-search">
39 <a href=".." class="icon icon-home"> Shaarli Documentation</a>
40 <div role="search">
41 <form id ="rtd-search-form" class="wy-form" action="../search.html" method="get">
42 <input type="text" name="q" placeholder="Search docs" />
43 </form>
44</div>
45 </div>
46
47 <div class="wy-menu wy-menu-vertical" data-spy="affix" role="navigation" aria-label="main navigation">
48 <ul class="current">
49
50
51 <li class="toctree-l1">
52
53 <a class="" href="..">Home</a>
54 </li>
55
56 <li class="toctree-l1">
57
58 <span class="caption-text">Setup</span>
59 <ul class="subnav">
60 <li class="">
61
62 <a class="" href="../Download-and-Installation/">Download and Installation</a>
63 </li>
64 <li class="">
65
66 <a class="" href="../Upgrade-and-migration/">Upgrade and migration</a>
67 </li>
68 <li class="">
69
70 <a class="" href="../Server-requirements/">Server requirements</a>
71 </li>
72 <li class="">
73
74 <a class="" href="../Server-configuration/">Server configuration</a>
75 </li>
76 <li class="">
77
78 <a class="" href="../Server-security/">Server security</a>
79 </li>
80 <li class="">
81
82 <a class="" href="../Shaarli-configuration/">Shaarli configuration</a>
83 </li>
84 <li class="">
85
86 <a class="" href="../Plugins/">Plugins</a>
87 </li>
88 </ul>
89 </li>
90
91 <li class="toctree-l1">
92
93 <span class="caption-text">Docker</span>
94 <ul class="subnav">
95 <li class="">
96
97 <a class="" href="../docker/docker-101/">Docker 101</a>
98 </li>
99 <li class="">
100
101 <a class="" href="../docker/shaarli-images/">Shaarli images</a>
102 </li>
103 <li class="">
104
105 <a class="" href="../docker/reverse-proxy-configuration/">Reverse proxy configuration</a>
106 </li>
107 <li class="">
108
109 <a class="" href="../docker/resources/">Docker resources</a>
110 </li>
111 </ul>
112 </li>
113
114 <li class="toctree-l1">
115
116 <span class="caption-text">Usage</span>
117 <ul class="subnav">
118 <li class="">
119
120 <a class="" href="../Features/">Features</a>
121 </li>
122 <li class="">
123
124 <a class="" href="../Bookmarklet/">Bookmarklet</a>
125 </li>
126 <li class="">
127
128 <a class="" href="../Browsing-and-searching/">Browsing and searching</a>
129 </li>
130 <li class="">
131
132 <a class="" href="../Firefox-share/">Firefox share</a>
133 </li>
134 <li class="">
135
136 <a class="" href="../RSS-feeds/">RSS feeds</a>
137 </li>
138 <li class="">
139
140 <a class="" href="../REST-API/">REST API</a>
141 </li>
142 </ul>
143 </li>
144
145 <li class="toctree-l1">
146
147 <span class="caption-text">How To</span>
148 <ul class="subnav">
149 <li class="">
150
151 <a class="" href="../Backup,-restore,-import-and-export/">Backup, restore, import and export</a>
152 </li>
153 <li class="">
154
155 <a class="" href="../Various-hacks/">Various hacks</a>
156 </li>
157 </ul>
158 </li>
159
160 <li class="toctree-l1">
161
162 <a class="" href="../Troubleshooting/">Troubleshooting</a>
163 </li>
164
165 <li class="toctree-l1">
166
167 <span class="caption-text">Development</span>
168 <ul class="subnav">
169 <li class="">
170
171 <a class="" href="../Development-guidelines/">Development guidelines</a>
172 </li>
173 <li class="">
174
175 <a class="" href="../Continuous-integration-tools/">Continuous integration tools</a>
176 </li>
177 <li class=" current">
178
179 <a class="current" href="./">GnuPG signature</a>
180 <ul class="subnav">
181
182 <li class="toctree-l3"><a href="#introduction">Introduction</a></li>
183
184 <ul>
185
186 <li><a class="toctree-l4" href="#pgp-and-gpg">PGP and GPG</a></li>
187
188 <li><a class="toctree-l4" href="#trust">Trust</a></li>
189
190 </ul>
191
192
193 <li class="toctree-l3"><a href="#generate-a-gpg-key">Generate a GPG key</a></li>
194
195 <ul>
196
197 <li><a class="toctree-l4" href="#gpg-provide-identity-information">gpg - provide identity information</a></li>
198
199 <li><a class="toctree-l4" href="#gpg-entropy-interlude">gpg - entropy interlude</a></li>
200
201 <li><a class="toctree-l4" href="#gpg-key-creation-confirmation">gpg - key creation confirmation</a></li>
202
203 <li><a class="toctree-l4" href="#gpg-submit-your-public-key-to-a-pgp-server-optional">gpg - submit your public key to a PGP server (Optional)</a></li>
204
205 </ul>
206
207
208 <li class="toctree-l3"><a href="#create-and-push-a-gpg-signed-tag">Create and push a GPG-signed tag</a></li>
209
210
211 </ul>
212 </li>
213 <li class="">
214
215 <a class="" href="../Coding-guidelines/">Coding guidelines</a>
216 </li>
217 <li class="">
218
219 <a class="" href="../Directory-structure/">Directory structure</a>
220 </li>
221 <li class="">
222
223 <a class="" href="../3rd-party-libraries/">3rd party libraries</a>
224 </li>
225 <li class="">
226
227 <a class="" href="../Plugin-System/">Plugin System</a>
228 </li>
229 <li class="">
230
231 <a class="" href="../Release-Shaarli/">Release Shaarli</a>
232 </li>
233 <li class="">
234
235 <a class="" href="../Versioning-and-Branches/">Versioning and Branches</a>
236 </li>
237 <li class="">
238
239 <a class="" href="../Security/">Security</a>
240 </li>
241 <li class="">
242
243 <a class="" href="../Static-analysis/">Static analysis</a>
244 </li>
245 <li class="">
246
247 <a class="" href="../Theming/">Theming</a>
248 </li>
249 <li class="">
250
251 <a class="" href="../Unit-tests/">Unit tests</a>
252 </li>
253 </ul>
254 </li>
255
256 <li class="toctree-l1">
257
258 <span class="caption-text">About</span>
259 <ul class="subnav">
260 <li class="">
261
262 <a class="" href="../FAQ/">FAQ</a>
263 </li>
264 <li class="">
265
266 <a class="" href="../Community-&-Related-software/">Community & Related software</a>
267 </li>
268 </ul>
269 </li>
270
271 </ul>
272 </div>
273 &nbsp;
274 </nav>
275
276 <section data-toggle="wy-nav-shift" class="wy-nav-content-wrap">
277
278
279 <nav class="wy-nav-top" role="navigation" aria-label="top navigation">
280 <i data-toggle="wy-nav-top" class="fa fa-bars"></i>
281 <a href="..">Shaarli Documentation</a>
282 </nav>
283
284
285 <div class="wy-nav-content">
286 <div class="rst-content">
287 <div role="navigation" aria-label="breadcrumbs navigation">
288 <ul class="wy-breadcrumbs">
289 <li><a href="..">Docs</a> &raquo;</li>
290
291
292
293 <li>Development &raquo;</li>
294
295
296
297 <li>GnuPG signature</li>
298 <li class="wy-breadcrumbs-aside">
299
300 <a href="https://github.com/shaarli/Shaarli/edit/master/docs/GnuPG-signature.md"
301 class="icon icon-github"> Edit on GitHub</a>
302
303 </li>
304 </ul>
305 <hr/>
306</div>
307 <div role="main">
308 <div class="section">
309
310 <h2 id="introduction">Introduction</h2>
311<h3 id="pgp-and-gpg">PGP and GPG</h3>
312<p><a href="https://gnupg.org/">Gnu Privacy Guard</a> (GnuPG) is an Open Source implementation of the <a href="https://en.wikipedia.org/wiki/Pretty_Good_Privacy#OpenPGP">Pretty Good
313Privacy</a> (OpenPGP) specification. Its main purposes are digital authentication,
314signature and encryption.</p>
315<p>It is often used by the <a href="https://en.wikipedia.org/wiki/Free_and_open-source_software">FLOSS</a> community to verify:
316- Linux package signatures: Debian <a href="https://wiki.debian.org/SecureApt">SecureApt</a>, ArchLinux <a href="https://www.archlinux.org/master-keys/">Master
317Keys</a>
318- <a href="https://en.wikipedia.org/wiki/Revision_control">SCM</a> releases &amp; maintainer identity</p>
319<h3 id="trust">Trust</h3>
320<p>To quote Phil Pennock (the author of the <a href="https://bitbucket.org/skskeyserver/sks-keyserver/wiki/Home">SKS</a> key server - http://sks.spodhuis.org/):</p>
321<blockquote>
322<p>You MUST understand that presence of data in the keyserver (pools) in no way connotes trust. Anyone can generate a key, with any name or email address, and upload it. All security and trust comes from evaluating security at the “object level”, via PGP Web-Of-Trust signatures. This keyserver makes it possible to retrieve keys, looking them up via various indices, but the collection of keys in this public pool is KNOWN to contain malicious and fraudulent keys. It is the common expectation of server operators that users understand this and use software which, like all known common OpenPGP implementations, evaluates trust accordingly. This expectation is so common that it is not normally explicitly stated.</p>
323</blockquote>
324<p>Trust can be gained by having your key signed by other people (and signing their key back, too :) ), for instance during <a href="https://en.wikipedia.org/wiki/Key_signing_party">key signing parties</a>, see:
325- <a href="http://www.cryptnet.net/fdp/crypto/keysigning_party/en/keysigning_party.html">The Keysigning party HOWTO</a>
326- <a href="https://en.wikipedia.org/wiki/Web_of_trust">Web of trust</a></p>
327<h2 id="generate-a-gpg-key">Generate a GPG key</h2>
328<ul>
329<li><a href="http://stackoverflow.com/a/16725717">Generating a GPG key for Git tagging</a> (StackOverflow)</li>
330<li><a href="https://help.github.com/articles/generating-a-gpg-key/">Generating a GPG key</a> (GitHub)</li>
331</ul>
332<h3 id="gpg-provide-identity-information">gpg - provide identity information</h3>
333<pre><code class="bash">$ gpg --gen-key
334
335gpg (GnuPG) 2.1.6; Copyright (C) 2015 Free Software Foundation, Inc.
336This is free software: you are free to change and redistribute it.
337There is NO WARRANTY, to the extent permitted by law.
338
339Note: Use &quot;gpg2 --full-gen-key&quot; for a full featured key generation dialog.
340
341GnuPG needs to construct a user ID to identify your key.
342
343Real name: Marvin the Paranoid Android
344Email address: marvin@h2g2.net
345You selected this USER-ID:
346 &quot;Marvin the Paranoid Android &lt;marvin@h2g2.net&gt;&quot;
347
348Change (N)ame, (E)mail, or (O)kay/(Q)uit? o
349We need to generate a lot of random bytes. It is a good idea to perform
350some other action (type on the keyboard, move the mouse, utilize the
351disks) during the prime generation; this gives the random number
352generator a better chance to gain enough entropy.
353</code></pre>
354
355<h3 id="gpg-entropy-interlude">gpg - entropy interlude</h3>
356<p>At this point, you will:
357- be prompted for a secure password to protect your key (the input method will depend on your Desktop Environment and configuration)
358- be asked to use your machine's input devices (mouse, keyboard, etc.) to generate random entropy; this step <em>may take some time</em> </p>
359<h3 id="gpg-key-creation-confirmation">gpg - key creation confirmation</h3>
360<pre><code class="bash">gpg: key A9D53A3E marked as ultimately trusted
361public and secret key created and signed.
362
363gpg: checking the trustdb
364gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model
365gpg: depth: 0 valid: 2 signed: 0 trust: 0-, 0q, 0n, 0m, 0f, 2u
366pub rsa2048/A9D53A3E 2015-07-31
367 Key fingerprint = AF2A 5381 E54B 2FD2 14C4 A9A3 0E35 ACA4 A9D5 3A3E
368uid [ultimate] Marvin the Paranoid Android &lt;marvin@h2g2.net&gt;
369sub rsa2048/8C0EACF1 2015-07-31
370</code></pre>
371
372<h3 id="gpg-submit-your-public-key-to-a-pgp-server-optional">gpg - submit your public key to a PGP server (Optional)</h3>
373<pre><code class="bash">$ gpg --keyserver pgp.mit.edu --send-keys A9D53A3E
374gpg: sending key A9D53A3E to hkp server pgp.mit.edu
375</code></pre>
376
377<h2 id="create-and-push-a-gpg-signed-tag">Create and push a GPG-signed tag</h2>
378<p>See <a href="../Release Shaarli">Release Shaarli</a>.</p>
379
380 </div>
381 </div>
382 <footer>
383
384 <div class="rst-footer-buttons" role="navigation" aria-label="footer navigation">
385
386 <a href="../Coding-guidelines/" class="btn btn-neutral float-right" title="Coding guidelines">Next <span class="icon icon-circle-arrow-right"></span></a>
387
388
389 <a href="../Continuous-integration-tools/" class="btn btn-neutral" title="Continuous integration tools"><span class="icon icon-circle-arrow-left"></span> Previous</a>
390
391 </div>
392
393
394 <hr/>
395
396 <div role="contentinfo">
397 <!-- Copyright etc -->
398
399 </div>
400
401 Built with <a href="http://www.mkdocs.org">MkDocs</a> using a <a href="https://github.com/snide/sphinx_rtd_theme">theme</a> provided by <a href="https://readthedocs.org">Read the Docs</a>.
402</footer>
403
404 </div>
405 </div>
406
407 </section>
408
409 </div>
410
411 <div class="rst-versions" role="note" style="cursor: pointer">
412 <span class="rst-current-version" data-toggle="rst-current-version">
413
414 <a href="https://github.com/shaarli/Shaarli" class="fa fa-github" style="float: left; color: #fcfcfc"> GitHub</a>
415
416
417 <span><a href="../Continuous-integration-tools/" style="color: #fcfcfc;">&laquo; Previous</a></span>
418
419
420 <span style="margin-left: 15px"><a href="../Coding-guidelines/" style="color: #fcfcfc">Next &raquo;</a></span>
421
422 </span>
423</div>
424 <script src="../js/theme.js"></script>
425
426</body>
427</html>