Developer DB, gpg and stuf..
As part of the Developer database project we are going to be having an
email gateway that allows modification of many of the fields based on
signed messages. To test the basic setup of this I have setup an address
If you send a pgp signed email to that address you will receive a response
like I have included below indicating your public ldap record. In future
adresses will be provided to allow you to reset a lost password via pgp
signed email, change some fields and maybe a few other things as they come
How the service works is it accepts the signed message and feeds it
through GPG. GPG then tells it who signed it which is then used to
determine which LDAP record to use. It then connects to the database and
sends the text message back from it. The ping address ignores the content
of the mail, others will require a particular format. The response will be
New for our PGP type services is a replay cache. Particularly for things
like changing passwords you don't want someone re-sending your messages so
the server protects against this. It should never accept the same message
twice - please test this :> Part of that also means your clock will have
to be accurate to at least one week.
Since it uses GPG it will accept basically any signature you throw at it,
including the DSA ones (a GPG key).
You can email me if there is some [important] incorrect information I'll
update things by hand for the moment.
Hello Jason Gunthorpe <firstname.lastname@example.org>!
Here is a list of all the public fields associated with your LDAP entry:
gecos: Jason Gunthorpe,,,,
l: Edmonton, Alberta
Please email email@example.com if you have any questions.