Thursday, August 21, 2014

GSoC Final Report - Use GNOME Keysign to sign OpenPGP keys

I haven't blogged about my work progress lately but I had implemented most of the features that were planned when GSoC started.

Short description of the project
My project was to make a tool that will help people in the the OpenPGP Keysigning[1] process.
Geysign will take care of all the steps a user must take to get his key signed or sign another one's key  by automating the process while following the OpenPGP best practices.



What Geysign currently does:

  • Displays your personal keys from which you can choose one at a time and get it signed.
  • Encode's the selected key's fingerprint into a barcode that can be scanned. The fingerprint can also be typed if your device has no video camera available.
  • Uses avahi to publishes itself on the network and to discover other Geysign services. This allows a "plug and play"  or straightforward process (otherwiser user would have to get the ip address and port)
  • When requested, starts a local http server that will listen for new connections to download the public key data.
  • Authenticates the received key data by checking if the scanned/typed fingerprint is the same with the one from the key (which was previously imported into a temporary keyring).
  • If the two fingerprint match, then it will proceed to sign the key and export it
  • Email the key back to its owner (not yet implemented).

The last point will be done after GSoC as well as giving the app a new GUI. Until now I had cared more about the functionality of the app and less about how it looks. 

Here is a short demo that shows the process of signing a key by using two Geysign applications on the same machine (unfortunately I didn't had a working network with two computers).
You can check the code on git repository [2]. I am glad to see people are interested in this as I already received a pull request from someone who wants to contribute to Geysign.





With this occasion I want to thank GNOME for sponsoring the accommodation to GUADEC, I enjoyed being there for the first time.

I also want to mention my mentor Tobias Mueller and thank him for the help he gave me, I learnt a lot from him. 
My work on Geysign will continue and I hope that in the future it will be integrated into Seahorse.

[1] Open PGP Web of Trust : https://wiki.openstack.org/wiki/OpenPGP_Web_of_Trust
[2] Git repo: https://github.com/andreimacavei/geysigning

Posted by at No comments:
Subscribe to: Posts (Atom)