aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--.gitignore1
-rw-r--r--Makefile29
-rw-r--r--gnupg/gpg.conf.m4 (renamed from gnupg/gpg.conf)2
-rw-r--r--gnupg/sks-keyservers.net/README.markdown10
-rw-r--r--gnupg/sks-keyservers.net/crl.pem26
-rw-r--r--gnupg/sks-keyservers.net/sks-keyservers.netCA.pem32
-rw-r--r--gnupg/sks-keyservers.net/sks-keyservers.netCA.pem.asc16
7 files changed, 108 insertions, 8 deletions
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 00000000..7959a35a
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1 @@
+gnupg/gpg.conf
diff --git a/Makefile b/Makefile
index 9855f46b..3524a6a0 100644
--- a/Makefile
+++ b/Makefile
@@ -1,4 +1,8 @@
-.PHONY: install \
+.PHONY: all \
+ clean \
+ distclean \
+ gnupg \
+ install \
install-bash \
install-bin \
install-curl \
@@ -30,14 +34,22 @@
test-bash \
test-bin \
test-sh \
- test-urxvt \
- usage
+ test-urxvt
-usage :
- @echo "tejr/dotfiles: Nothing to do."
+all : gnupg
@echo "Run make -n install, and read the output carefully."
@echo "If you're happy with what it'll do, then run make install."
+clean :
+ rm -f gnupg/gpg.conf
+
+distclean : clean
+
+gnupg : gnupg/gpg.conf
+
+gnupg/gpg.conf :
+ m4 -D DOTFILES_HOME="$(HOME)" gnupg/gpg.conf.m4 > gnupg/gpg.conf
+
install : install-bash \
install-curl \
install-dircolors \
@@ -74,9 +86,12 @@ install-dircolors :
install-git :
install -m 0644 -- git/gitconfig "$(HOME)"/.gitconfig
-install-gnupg :
- install -m 0700 -d -- "$(HOME)"/.gnupg
+install-gnupg : gnupg/gpg.conf
+ install -m 0700 -d -- \
+ "$(HOME)"/.gnupg \
+ "$(HOME)"/.gnupg/sks-keyservers.net
install -m 0600 -- gnupg/*.conf "$(HOME)"/.gnupg
+ install -m 0644 -- gnupg/sks-keyservers.net/* "$(HOME)"/.gnupg/sks-keyservers.net
install-i3 : install-x
install -m 0755 -d -- "$(HOME)"/.i3
diff --git a/gnupg/gpg.conf b/gnupg/gpg.conf.m4
index 2baa68cb..81a95f3d 100644
--- a/gnupg/gpg.conf
+++ b/gnupg/gpg.conf.m4
@@ -26,7 +26,7 @@ keyserver hkps://hkps.pool.sks-keyservers.net
# Retrieve keys automatically; check the keyserver port cert; use whichever
# server is proffered from the pool
-keyserver-options auto-key-retrieve check-cert no-honor-keyserver-url
+keyserver-options auto-key-retrieve check-cert no-honor-keyserver-url ca-certfile=DOTFILES_HOME/.gnupg/sks-keyservers.net/sks-keyservers.netCA.pem
# Include trust/validity for UIDs in listings
list-options show-uid-validity
diff --git a/gnupg/sks-keyservers.net/README.markdown b/gnupg/sks-keyservers.net/README.markdown
new file mode 100644
index 00000000..aca7ac2a
--- /dev/null
+++ b/gnupg/sks-keyservers.net/README.markdown
@@ -0,0 +1,10 @@
+sks-keyservers.net CA, CRL, and signature
+=========================================
+
+These files are downloaded from links on the [sks-keyservers.net][1] overview
+page. I've included both their signature file and the revocation list, but it's
+your responsibility to make sure that everything here is verified to your
+satisfaction.
+
+[1]: https://sks-keyservers.net/overview-of-pools.php
+
diff --git a/gnupg/sks-keyservers.net/crl.pem b/gnupg/sks-keyservers.net/crl.pem
new file mode 100644
index 00000000..43b2560b
--- /dev/null
+++ b/gnupg/sks-keyservers.net/crl.pem
@@ -0,0 +1,26 @@
+-----BEGIN X509 CRL-----
+MIIEczCCAlsCAQEwDQYJKoZIhvcNAQELBQAwXDELMAkGA1UEBhMCTk8xDTALBgNV
+BAgMBE9zbG8xHjAcBgNVBAoMFXNrcy1rZXlzZXJ2ZXJzLm5ldCBDQTEeMBwGA1UE
+AwwVc2tzLWtleXNlcnZlcnMubmV0IENBFw0xNDEwMTAxNjM5MTdaFw0xNTA0MDgx
+NjM5MTdaMIIBuDASAgEBFw0xMjEwMDkwMTAyMDVaMBICAQIXDTEyMTAwOTAxMDIw
+NVowEgIBAxcNMTQwNTAxMTEyMDU2WjASAgEEFw0xMjEwMDkwMTAyMDVaMBICAQgX
+DTE0MDUwNjE4MjQzMVowEgIBDBcNMTQwNjI4MTI0NTU2WjASAgERFw0xNDA0MjYx
+MjU4MjdaMBICARMXDTEzMTExMzE5MzczM1owEgIBFBcNMTQwNDI5MTczNDA0WjAS
+AgEYFw0xNDA1MDYxODIyMDVaMBICASEXDTE0MDUwMjEyNDQ1MlowEgIBIhcNMTQw
+NDI5MTczNDA0WjASAgEjFw0xMzExMTMxOTM3MzNaMBICASQXDTE0MDUwNzIwMTIy
+OFowEgIBKBcNMTQwNDI5MjAwNjAyWjASAgEpFw0xNDA0MjYxNDI0MjRaMBICASsX
+DTE0MDUwMzE0NDgwNlowEgIBLRcNMTQwNDMwMDgxNTU4WjASAgEuFw0xNDA0MzAw
+ODE2MTdaMBICAS8XDTE0MDQyNjEzMDIxNlowEgIBMxcNMTQwNDI5MTczNjIwWjAS
+AgE0Fw0xNDA1MTIxODQwNThaoA8wDTALBgNVHRQEBAICEBowDQYJKoZIhvcNAQEL
+BQADggIBAAZLkVRNqj9nL6f2Cv/AlDe0pMx2ZLNyIN3/KXSByUoIH4NMSDuPQqec
+ceUq+W5Vrh8EDUC9MbUMA1MSv/DWdG/422to8/iDnC/F423JLfOVwQABR5F37mxF
+MH+6aL9QgEezqHjnMg2MKRukB29TXR9rj3Q2HOhn+MH45Cfw7HDpCA+zaCUAHz1d
+74pyp38hfMT5s3Xm2M2ibtOoHmQYbx4rYra+dwPce41QppF2XnfV++6gxUv5F41U
+t7aouAt1ZsrIdcP+7crh4KbeTUIR3eEO/tHs74HVjhMtdsn1rTM668Dl3eg6rcv7
+CCNMgXbotNUekuWlf8YFM01BOyHUaWrMfpS/1WkKqVR/0BzMuSoPAHehoq5SGm1B
+RkVl9/acH07nvmziQQEnyJDZKaJplnIZ+vgNW07cW8eaeafVXTF8fkornyCVDE92
+YGxLQiUu2lQ4qcbb9OH1ki0LnUvCVo8SbzH913VqcvE6EHhoHyaHtBqswBwP5NZd
+ybC2bxOYhmICVnK8ee/1Yz9dnjtJsMhB3qtW3vkJ6yn7bjRLH01U8wvhJDo8Cjhe
+dyZnT3JE9lzPYb3JqkYIn1YnolUF/zhoVTcUQVSn81u44yx5yrPbsvjIsiSWt4Pd
+Q7y++Yy2Sgh9uApIF/1xqsu+dZnOR/rMQdQXwM4bmXn/6itZ/22l
+-----END X509 CRL-----
diff --git a/gnupg/sks-keyservers.net/sks-keyservers.netCA.pem b/gnupg/sks-keyservers.net/sks-keyservers.netCA.pem
new file mode 100644
index 00000000..24a2ad2e
--- /dev/null
+++ b/gnupg/sks-keyservers.net/sks-keyservers.netCA.pem
@@ -0,0 +1,32 @@
+-----BEGIN CERTIFICATE-----
+MIIFizCCA3OgAwIBAgIJAK9zyLTPn4CPMA0GCSqGSIb3DQEBBQUAMFwxCzAJBgNV
+BAYTAk5PMQ0wCwYDVQQIDARPc2xvMR4wHAYDVQQKDBVza3Mta2V5c2VydmVycy5u
+ZXQgQ0ExHjAcBgNVBAMMFXNrcy1rZXlzZXJ2ZXJzLm5ldCBDQTAeFw0xMjEwMDkw
+MDMzMzdaFw0yMjEwMDcwMDMzMzdaMFwxCzAJBgNVBAYTAk5PMQ0wCwYDVQQIDARP
+c2xvMR4wHAYDVQQKDBVza3Mta2V5c2VydmVycy5uZXQgQ0ExHjAcBgNVBAMMFXNr
+cy1rZXlzZXJ2ZXJzLm5ldCBDQTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoC
+ggIBANdsWy4PXWNUCkS3L//nrd0GqN3dVwoBGZ6w94Tw2jPDPifegwxQozFXkG6I
+6A4TK1CJLXPvfz0UP0aBYyPmTNadDinaB9T4jIwd4rnxl+59GiEmqkN3IfPsv5Jj
+MkKUmJnvOT0DEVlEaO1UZIwx5WpfprB3mR81/qm4XkAgmYrmgnLXd/pJDAMk7y1F
+45b5zWofiD5l677lplcIPRbFhpJ6kDTODXh/XEdtF71EAeaOdEGOvyGDmCO0GWqS
+FDkMMPTlieLA/0rgFTcz4xwUYj/cD5e0ZBuSkYsYFAU3hd1cGfBue0cPZaQH2HYx
+Qk4zXD8S3F4690fRhr+tki5gyG6JDR67aKp3BIGLqm7f45WkX1hYp+YXywmEziM4
+aSbGYhx8hoFGfq9UcfPEvp2aoc8u5sdqjDslhyUzM1v3m3ZGbhwEOnVjljY6JJLx
+MxagxnZZSAY424ZZ3t71E/Mn27dm2w+xFRuoy8JEjv1d+BT3eChM5KaNwrj0IO/y
+u8kFIgWYA1vZ/15qMT+tyJTfyrNVV/7Df7TNeWyNqjJ5rBmt0M6NpHG7CrUSkBy9
+p8JhimgjP5r0FlEkgg+lyD+V79H98gQfVgP3pbJICz0SpBQf2F/2tyS4rLm+49rP
+fcOajiXEuyhpcmzgusAj/1FjrtlynH1r9mnNaX4e+rLWzvU5AgMBAAGjUDBOMB0G
+A1UdDgQWBBTkwyoJFGfYTVISTpM8E+igjdq28zAfBgNVHSMEGDAWgBTkwyoJFGfY
+TVISTpM8E+igjdq28zAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4ICAQAR
+OXnYwu3g1ZjHyley3fZI5aLPsaE17cOImVTehC8DcIphm2HOMR/hYTTL+V0G4P+u
+gH+6xeRLKSHMHZTtSBIa6GDL03434y9CBuwGvAFCMU2GV8w92/Z7apkAhdLToZA/
+X/iWP2jeaVJhxgEcH8uPrnSlqoPBcKC9PrgUzQYfSZJkLmB+3jEa3HKruy1abJP5
+gAdQvwvcPpvYRnIzUc9fZODsVmlHVFBCl2dlu/iHh2h4GmL4Da2rRkUMlbVTdioB
+UYIvMycdOkpH5wJftzw7cpjsudGas0PARDXCFfGyKhwBRFY7Xp7lbjtU5Rz0Gc04
+lPrhDf0pFE98Aw4jJRpFeWMjpXUEaG1cq7D641RpgcMfPFvOHY47rvDTS7XJOaUT
+BwRjmDt896s6vMDcaG/uXJbQjuzmmx3W2Idyh3s5SI0GTHb0IwMKYb4eBUIpQOnB
+cE77VnCYqKvN1NVYAqhWjXbY7XasZvszCRcOG+W3FqNaHOK/n/0ueb0uijdLan+U
+f4p1bjbAox8eAOQS/8a3bzkJzdyBNUKGx1BIK2IBL9bn/HravSDOiNRSnZ/R3l9G
+ZauX0tu7IIDlRCILXSyeazu0aj/vdT3YFQXPcvt5Fkf5wiNTo53f72/jYEJd6qph
+WrpoKqrwGwTpRUCMhYIUt65hsTxCiJJ5nKe39h46sg==
+-----END CERTIFICATE-----
diff --git a/gnupg/sks-keyservers.net/sks-keyservers.netCA.pem.asc b/gnupg/sks-keyservers.net/sks-keyservers.netCA.pem.asc
new file mode 100644
index 00000000..5f11bc56
--- /dev/null
+++ b/gnupg/sks-keyservers.net/sks-keyservers.netCA.pem.asc
@@ -0,0 +1,16 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQIcBAABCgAGBQJUCZzxAAoJEPw7F94F4Tag/Z8P/jUOTbsCYT+bG7L+/D9s1KCz
+G2H9X4fV/fBeeAFWjgV6iNBEzZuFx9FYxmECyR1JzRektfWa3JR+rt2pipGO2UQ2
+Il2Ti6K7mVNyEnsgfq5otky7UDewmW+p5u1I7PNVcnHmArE7EueX5WB1vYhY2faY
+B4xsFuaLacQVIz9JFyKiTGu0WSkpnlByaCoMPJgifwwGhPNK8X23isKDY8U9hahh
+xWHRf/57Z+g407d6dEG/1ax8ELf68KRLGalZv9fOcZfRbFT4JV4bq/rsZuNptAqf
+8A5RDnsgXFyIgDptWnYYpra/HCPNOKdL/TxcASTsEH6s9NNw9mvNpE//JWYMV4FM
+N6h9aTezSEwAnD781JrPPZ8BlpRYWtnd3UaSbBbOdb6mze0Oh39yvYEcEO8edvC1
+RLH5OJyJIIkkO46B8cYBtokjRlcAeBgFf5GLlwdh6zGcERqsTRHtA8FmLbl1v3w1
+Xj1tUAoex27ke+z+QKBOp06t6eeNavDeN0/jDidSPQ4Q6QVy8KP9eeMDAQkd9+1F
+aCMvSxEkbuiy05grzQC0jqOXAIVwfu33kcFr2Z7boxVNEjM/ng6Ty4WXWWWbADaH
+nXGamvmUrCiODMRl4DYTB65H27tSv2J9j8WyA+IiokJOglH63nyJJy+XWbRmlgmI
++ds5RCeuq2/uVOGhSP7t
+=O9Kt
+-----END PGP SIGNATURE-----