keybase.io is such a thing, or at least that’s the hope. It’s a challenge because they’re trying to do multiple things: simplifying keysigning/web-of-trust, simplifying encryption/decryption commands while making this all web-accessible but still allowing for the command line frontends you’re talking about.
you should take a gander, it’s a novel idea but it loses the subtlety that this article describes. Subkeys are a complicated idea, heck, even per-machine ssh keys are still complicated enough that gitolite devotes an entire part of its manual to ‘ssh basics’. i don’t think it’s any surprise that subkeys in ssh are even more nuanced to the point of seeming opaque.
gpgtools for the mac is a good stab at a frontend, but there’s so many nuances and religious decisions that go into “informed gpg usage” that it’s almost worth thinking about whether a frontend could satisfy them all. that’s sorta a cop-out, but i don’t think the lack of a good frontend (even on the command line) is for lack of trying.
GPG definitely needs a proper CLI. This blog post is way too long for something that needs to be trivial to do.
Is there any good GPG wrapper out there? A simple, easily auditable bash script should do the trick. I wonder why I never came across oneā¦
keybase.io is such a thing, or at least that’s the hope. It’s a challenge because they’re trying to do multiple things: simplifying keysigning/web-of-trust, simplifying encryption/decryption commands while making this all web-accessible but still allowing for the command line frontends you’re talking about.
you should take a gander, it’s a novel idea but it loses the subtlety that this article describes. Subkeys are a complicated idea, heck, even per-machine ssh keys are still complicated enough that gitolite devotes an entire part of its manual to ‘ssh basics’. i don’t think it’s any surprise that subkeys in ssh are even more nuanced to the point of seeming opaque.
gpgtools for the mac is a good stab at a frontend, but there’s so many nuances and religious decisions that go into “informed gpg usage” that it’s almost worth thinking about whether a frontend could satisfy them all. that’s sorta a cop-out, but i don’t think the lack of a good frontend (even on the command line) is for lack of trying.