public inbox for gentoo-keys@lists.gentoo.org
 help / color / mirror / Atom feed
* [gentoo-keys] Gentoo Keys: Expansion and improvements -- Final report
@ 2014-08-20 11:34 Pavlos Ratis
  2014-08-20 18:37 ` [gentoo-keys] Re: [gentoo-soc] " Brian Dolbec
  0 siblings, 1 reply; 2+ messages in thread
From: Pavlos Ratis @ 2014-08-20 11:34 UTC (permalink / raw
  To: gentoo-soc, gentoo-keys

Hello,

This year I worked on improving and expanding the features of Gentoo Keys.

Gentoo Keys is a Python based project that aims to manage the GPG
keys used for validation on users and Gentoo's infrastructure
servers. These keys will be any/all of the release keys, developer keys
and any other third party keys or keyrings available or needed.

Source code: https://github.com/gentoo/gentoo-keys

Final Report
=========

Status: Finished

Outline of features:
---------------------------
Seeds
  * Seed file fetching support.
  * Data format reconstruction from pickle to JSON.
  * Addition/deletion/listing actions.
Keys
  * Key installation support via seed files.
  * Key removal/listing support.
Keyrings
  * Gentoo Keys can now export a public keyring with trusted keys.
That binary keyring can be signed by a Certificate Authority(CA) and
distributed to the users.
Verification
  * File verification support(locally or via URL).
Key checks
  * Checks for expired or revoked keys.
  * Checks for key validity.
  * Key capabilities checks.
OpenPGP Key generation tool (Gkeygen)
  * OpenPGP key generation based on the GLEP 63 specifications[0].
Gentoo Key LDAP tool (Gkeyldap)
  * Gentoo-specific tool that is going to be used by Gentoo
infrastructure in conjunction with LDAP to update seeds and remove
keys that fail checks.

The project has resulted in a few patches to ssl-fetch[1] and pyGPG[2] as well.

Plans for the future
==============

Aside from some code refinements and minor changes, Gentoo Keys is
almost ready for its first release. We, the Gentoo Keys team, are
going to continue its development focusing on the test suites and the
file verification on images, commits and other documents. Furthermore,
our goal is to implement more features that make Gentoo keys more
dynamic and flexible for general use.

It has been a great experience working on the project. At this point,
I would like to thank my mentor, Brian (dol-sen) Dolbec for his
guidance and his suggestions throughout the past months and I would
also like to thank Kristian (K_F) Fiskerstrand for his suggestions on
the openPGP part.

[0] https://wiki.gentoo.org/wiki/GLEP:63
[1] https://github.com/dol-sen/ssl-fetch
[2] https://github.com/dol-sen/pyGPG

Best regards,
Pavlos Ratis


^ permalink raw reply	[flat|nested] 2+ messages in thread

end of thread, other threads:[~2014-08-20 18:38 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2014-08-20 11:34 [gentoo-keys] Gentoo Keys: Expansion and improvements -- Final report Pavlos Ratis
2014-08-20 18:37 ` [gentoo-keys] Re: [gentoo-soc] " Brian Dolbec

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox