
Re: [openpgp] Deprecating SHA1

2020-10-27 19:15:06
On 2020-10-24 at 21:03 -0400, Phil Pennock wrote:
> I think really we need some nice pgpkey-sanitycheck command-line
> tool, from any project, which looks purely at public key information,
> so doesn't need to care about internals (private keys, keyboxes,
> etc).
>
> Such a tool might then report on outdated algorithms used in
> important places, while avoiding getting into the political mess of
> which algorithm order preferences should be included in a key.
>
> I held off on "asking others to write software for me" in the
> previous post, keeping it to "this exists now".  This time around,
> I'm throwing out a "Hey, pgpkey-sanitycheck would be a nice tool to
> have, folks" and running away.

I too have thought in the past we should have a "pgplint" tool.¹
I have several ideas on what to measure (this community probably has
lots more); it's something I could do, but I didn't have the motivation
to start coding it.


¹ I don't know if Broadcom might dislike such a name, though. Maybe it
should be called openpgp-lint, then?
