Multiple signatures
Boris
koushkov at gmail.com
Fri Jun 18 15:57:15 CEST 2010
Thank you very much David
It is exactly what I wanted
2010/6/18 David Shaw <dshaw at jabberwocky.com>
> > On Jun 17, 2010, at 11:33 PM, Boris wrote:
> >
> > > Hi,
> > >
> > > I would like to know if there is a way to add multiple signatures for a
> file (in a separate file) and check who signed with just one command (so not
> by signing a signed file...).
> >
> > Sure.
> >
> > gpg -u signer_1 -u signer_2 -u signer_3 --detach-sign file-to-sign
> >
> > You'll end up with a file-to-sign.sig that contains all three signatures.
> When you verify file-to-sign.sig, all three signatures will be checked.
> >
> > Alternately, you can do the same "multiple signer" trick with regular
> --sign if you want the data and signatures to be put together into a single
> file.
>
> On Jun 18, 2010, at 9:14 AM, Boris wrote:
>
> > Ok, Thanks David,
> >
> > But what if the file is signed by people working on different computers?
> > So they will had their signature on the current separate file
> (correesponding to the people who already signed a specific file).
>
> If you want a bunch of people all signing the same file, have each signer
> do this:
>
> gpg -u signer-X -o signer-X-signature --detach-sign file-to-sign
>
> Then have them all send you their "file-to-sign.sig" files. You create a
> file containing all of them:
>
> cat signer-1-signature signer-2-signature signer-3-signature >
> file-to-sign.sig
>
> Then anyone can verify file-to-sign.sig against the original file-to-sign
> and see all the signatures verified.
>
> David
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/attachments/20100618/fac27286/attachment-0001.htm>
More information about the Gnupg-users
mailing list