[foaf-protocols] PGP and WebID and well.. lots of things

Melvin Carvalho melvincarvalho at gmail.com
Thu Oct 7 08:02:42 CEST 2010


On 7 October 2010 04:24, Nathan <nathan at webr3.org> wrote:
> Hi Guys,
>
> Bit of good news, I've managed to get my WebID X.509 in to OpenPGP via GPA -
> so here's my WebID key in PGP format..
>
> http://keyserver.ubuntu.com:11371/pks/lookup?search=0x6F628566
>
> -----BEGIN PGP PUBLIC KEY BLOCK-----
> Version: GnuPG v2.0.14 (GNU/Linux)
>
> mQENBEytKE8BCADExMjA0aRBtMQhIuxH9/yPF5KI8T6ygll5hcI55m0nWIevnRZ9
> P0/gWFSOX7Z1EZ6y2RdY+Jt8wcM9IUZrxGjrp7Pw/7cNs6+xoEO6s8Q3klq4LTe/
> 8TL227OY2mgSFgQATKz+NrLT4IcJptj8MPipSywggdqD/QziwhtwyEYvwa1XJkvs
> gxwMrOlK81OWinwqvJ0X6a+i+/mQptRinzBmtjs+h34NgulSCo77Jd5SMHSuz4rt
> 6RLRC7zpZM4N3chlQRX7MCK9zN8MWB1zAM2muUMDILWrv9bDVhyFOH6vxmL68EMm
> 2+Ns05/O88PJ3tP3U78fDXXqBGm2rYfTqWvdABEBAAG0GU5hdGhhbiA8bmF0aGFu
> QHdlYnIzLm9yZz6JATgEEwECACIFAkytKE8CGwMGCwkIBwMCBhUIAgkKCwQWAgMB
> Ah4BAheAAAoJEM3SvkdvYoVmfecIAIubjGh/o7vRx6tXXXk07scmRRHE7EB5bcKU
> 9E2XurSrV5GCxL1o993LcgilqjW9vhyiM7iWCAncSPT0MTccEYkX7n8/309Ye3oX
> S5qlbpesedUH3WNFaEHURbRt7tMhdxTK4bO7YHQiHZ5SP5RYj1R5moMOE52QZiRX
> nRac9xn4hYIAudO3jWejajr1hL/k8XpEwdRUbwnV6jI7NV5bhcnmSkpKXRQ1sUBJ
> nwsebsIFQ9H8Bs79QVXAm2FNkDBtsvB1sS // trimmed
>
> How to do it (on ubuntu):
>
>  - apt-get install gpa gpgsm
>  - gpgsm --import webid.p12

Very promising!

I'm currently getting the following tho:

https://bugs.launchpad.net/ubuntu/+source/gnupg2/+bug/640724

Will see if i can get it working.  Are you using lucid lynx?

>
> every time it asks you for a password *give it an empty one* it appears to
> be for the .p12 but it's not, god knows what it is! - ignore warnings about
> gpg-agent etc if you get them. After about 2 or 3 password boxes and
> warnings and all the rest of it, eventually it will import the .p12 and if
> you go in to GPA you will see your webid key (and certificate!) in listed.
>
> You can now use it with mail, to sign and seal files, armored and all - to
> get it back in PGP format simple export it.
>
> also..
>
> Using your WebID Keys for more than WebID
>
> 1: Get the bits of your WebID (your private key and certificate)
>  -> get your webid.p12
>  -> get your private key:
>    openssl pkcs12 -nocerts -in webid.p12 -out userkey.pem
>  -> get your certificate
>    openssl pkcs12 -clcerts -nokeys -in webid.p12 -out usercert.pem
>
> 2: Use your WebID keys for SSH!
>  -> your userkey.pem is your private key for ssh, just copy it in
>    cp userkey.pem ~/.ssh/id_rsa
>  -> you need to get your public key and save it in an ssh compatible manner:
>    ssh-keygen -y -f ~/.ssh/id_rsa > ~/.ssh/id_rsa.pub
>  -> you probably use ssh-agent so you need to update it..
>    ssh-add ~/.ssh/id_rsa
>
>  so you're now using your WebID Keys for ssh
>
> 3: Using with Gnome Keyring
>  -> if you did two above, you already are :)
>     both GnomeKeyring and the Gnome Keyring SSH Agent use the keys in
> ~./ssh!
>
> 4: With GitHub
>  -> if you did two above, you already are :)
>    just pop your id_rsa.pub (ssh formatted public key) in to your github
> keys
>
> 5: With Mercurial/HG (mercurial server)
>  -> guess what, Mercurial/HG uses your ssh keys too and ssh agent, all done
> with two.
>
> 6: With SVN+SSH
>  -> and again, the +ssh is the give away :)
>
> So the short list is, single .p12 for your webid and you can use it for:
>  - WebID
>  - SSH
>  - PGP
>  - Version control
>  - well everything to be honest, because you've got the same key pair in RSA
> X509 format, PGP format, and SSH format, you can also easily get a pcks#1
> 'rsa key' if you want.
>
> Best,
>
> Nathan
>


More information about the foaf-protocols mailing list