OPENPGPKEY(1)                   Internet / DNS                   OPENPGPKEY(1)

NAME

       openpgpkey - Create and verify RFC-TBD OPENPGPKEY DNS records

SYNTAX

       openpgpkey [--fetch | --verify] [--insecure] [--resolv.conf
       /PATH/TO/RESOLV.CONF] user@domain

       openpgpkey [--create] [--insecure] [--resolv.conf /PATH/TO/RESOLV.CONF]
       [--output {rfc,generic,both}] [--uid <uid>] [--keyid <keyid>]
       user@domain

DESCRIPTION

       openpgpkey generates RFC-TBD OPENPGPKEY DNS records. To generate these
       records for older nameserver implementations that do not yet support
       the OPENPGPKEY record, specify --output generic to output the
       openpgpkey data in Generic Record (RFC-3597) format. Records are
       generated from all keys in the user's local GnuPG keychain that are
       associated with the specified email address.

       Verification of OPENPGPKEY records is done by comparing the keyid and
       fingerprint of the OPENPGPKEY obtained from DNS with the version in the
       local GnuPG keychain.

OPTIONS

       --fetch
           Fetch an OPENPGPKEY public key record from DNS

       --create
           Create an OPENPGPKEY DNS record

       --verify
           Verify a public key from the local GPG keyring against the
           OPENPGPKEY DNS record

       --resolvconf FILE
           Specify a custom resolv.conf file (default: /etc/resolv.conf)

       --output rfc | generic | both
           Output format of the OPENPGPKEY record: "OPENPGPKEY" for rfc,
           "TYPE61" for generic (default: generic)

       If neither create nor verify is specified, create is used.

REQUIREMENTS

       openpgpkey requires the following Python libraries: unbound, gnupg and
       argparse. It also requires gnupg, which provides the gpg command.

BUGS

       none known

EXAMPLES

       typical usage:

       openpgpkey --fetch paul@nohats.ca > paul.pubkey

       openpgpkey --verify paul@nohats.ca

       openpgpkey --create paul@nohats.ca
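
       The rfc and generic output formats carry the same key bytes. The
       following is an added Python illustration, not code from openpgpkey
       itself; it assumes the owner-name rule of RFC 7929, the published form
       of draft-ietf-dane-openpgpkey (SHA2-256 of the local part, truncated to
       28 octets), and its function names and key bytes are constructed.

```python
import base64
import hashlib

RRTYPE = 61  # OPENPGPKEY type code, hence "TYPE61" in generic form


def owner_name(email):
    """Owner name under the RFC 7929 rule (an assumption, see lead-in)."""
    local, sep, domain = email.rpartition("@")
    if not sep or not local or not domain:
        raise ValueError("expected user@domain")
    label = hashlib.sha256(local.encode("utf-8")).digest()[:28].hex()
    return "%s._openpgpkey.%s." % (label, domain.rstrip("."))


def render(email, key, output="generic"):
    """Zone-file lines for --output rfc, generic or both."""
    if output not in ("rfc", "generic", "both"):
        raise ValueError("output must be rfc, generic or both")
    name, lines = owner_name(email), []
    if output in ("rfc", "both"):
        b64 = base64.b64encode(key).decode("ascii")
        lines.append("%s IN OPENPGPKEY %s" % (name, b64))
    if output in ("generic", "both"):
        # RFC 3597 generic form: TYPE<n> \# <rdata length> <rdata as hex>
        lines.append("%s IN TYPE%d \\# %d %s"
                     % (name, RRTYPE, len(key), key.hex()))
    return lines


def rdata(line):
    """Recover the raw key bytes from either presentation form."""
    fields = line.split()
    rtype, rest = fields[2], fields[3:]
    if rtype == "OPENPGPKEY":
        return base64.b64decode("".join(rest), validate=True)
    if rtype == "TYPE%d" % RRTYPE and len(rest) >= 2 and rest[0] == "\\#":
        data = bytes.fromhex("".join(rest[2:]))
        if len(data) != int(rest[1]):
            raise ValueError("RDATA length does not match payload")
        return data
    raise ValueError("not an OPENPGPKEY record")


if __name__ == "__main__":
    sample_key = bytes.fromhex("99010d04")  # constructed bytes, not a real key
    for line in render("paul@nohats.ca", sample_key, "both"):
        print(line)
        assert rdata(line) == sample_key
```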

SEE ALSO

       draft-ietf-dane-openpgpkey

       http://people.redhat.com/pwouters/hash-slinger/

AUTHORS

       Paul Wouters <pwouters@redhat.com>

       Copyright 2014-2015

       This program is free software; you can redistribute it and/or modify it
       under the terms of the GNU General Public License as published by the
       Free Software Foundation; either version 2 of the License, or (at your
       option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.

       This program is distributed in the hope that it will be useful, but
       WITHOUT ANY WARRANTY; without even the implied warranty of
       MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
       General Public License (file COPYING in the distribution) for more
       details.

Paul Wouters                   December 30, 2013                 OPENPGPKEY(1)