If you don't want to read any of these just do the following:
git clone https://github.com/aelnosu/CredentialStore.git
cd CredentialStore
chmod +x init.sh
./init.sh
Welcome to the Public Key and Certificate Repository. This repository contains openPGP and S/MIME public key files, signatures, and certificates managed and maintained by the Repository Owner. These files serve multiple crucial functions, including the verification of identities, encryption of communications, and the establishment of a PGP Web of Trust (WOT).
The trust chain of the repository is as follows:
The public keys and certificates available in this repository can be used to verify the identity of individuals and entities. By certifying a public key using your own PGP key and sending the certification back to the Repository Owner, you contribute to the trustworthiness and authenticity of these keys.
Public keys in this repository can be used to encrypt messages and files, ensuring that only the intended recipient can decrypt and read the contents. This enhances the security and privacy of your communications.
The repository plays a pivotal role in establishing a PGP Web of Trust. By certifying keys and building a network of trusted entities, users can strengthen the overall security and reliability of their cryptographic communications.
By using the files in this repository, you agree to the terms and conditions outlined in the Public Key and Certificate License Agreement.
- You may not rely on the files unless you have certified them using your own PGP key and sent the certification back to the Repository Owner by using encrypted email to [email protected]
- The files are provided "as is" without any warranty.
- Your usage of these files indicates your acceptance of the license terms.
There are 8 important files in this repository:
.
├── Certification.txt (The main PGP key certification file)
├── Certification.txt.asc (The main PGP key certification file signature, signed by the PGP key)
├── Certification.txt.asc.p7s (The main PGP key certification file signature's signature, signed by the S/MIME key)
├── Certification.txt.asc.pkcs7 (The .p7s file converted to PKCS#7 format)
├── Certification.txt.asc.pkcs7.cert (The S/MIME key certificate)
├── Eason_Lu_(Main)_0xA9C46116_public.asc (The main PGP key)
├── Key_1_0x35E98024_public.asc (The first key)
└── Key_2_0x9AF5FF79_public.asc (The second key)
To verify the validity of the main PGP key, the file name is: Eason Lu (Main)_0xA9C46116_public.asc
Run the following command in your terminal:
openssl smime -verify -binary -inform PEM -in Certification.txt.asc.pkcs7 -content Certification.txt.asc -certfile Certification.txt.asc.pkcs7.cert
If the output is Verification successful
, the main PGP key is valid and can be used to verify other keys in the repository.
To import a public key and mark them as fully trusted into your keyring, use the following command:
gpg --import "Eason_Lu_(Main)_0xA9C46116_public.asc"
gpg --import "Key_1_0x35E98024_public.asc"
gpg --import "Key_2_0x9AF5FF79_public.asc"
(echo 5; echo y; echo save) | gpg --command-fd 0 --no-tty --no-greeting -q --edit-key "660279E4B9E374894D7F51C31A41C324A9C46116" trust
or
gpg --keyserver keys.openpgp.org --recv-keys 1A41C324A9C46116 A5ED17B135E98024 7974BCA19AF5FF79
(echo 5; echo y; echo save) | gpg --command-fd 0 --no-tty --no-greeting -q --edit-key "660279E4B9E374894D7F51C31A41C324A9C46116" trust
If you want to help me build a Web of Trust, please certify the main PGP key and send the certification back to me by using an encrypted email to [email protected]. The certification process is crucial for establishing trust and authenticity in the PGP Web of Trust.
Certify the main PGP key by running the following command:
gpg --sign-key 660279E4B9E374894D7F51C31A41C324A9C46116
Then follow the instructions to complete the certification process. Please mark the key as trust fully as that allow you to verify the other keys in the repository.
After you are done, export the certification and send it back to me by using an encrypted email to [email protected]. This process can be easily done by using Thunderbird, or by using the following command:
gpg --armor --export 660279E4B9E374894D7F51C31A41C324A9C46116 > Signed_Main.asc
gpg --output Signed_Main.asc.pgp --encrypt --recipient 660279E4B9E374894D7F51C31A41C324A9C46116 Signed_Main.asc
Then attach the Signed_Main.asc.pgp
file to an email and send it to [email protected]
Thank you.
After you have marked the Main key to trust fully, the other keys will be also marked as valid. If other keys are not marked as fully trusted, you can trust them by running the following command:
(echo 5; echo y; echo save) | gpg --command-fd 0 --no-tty --no-greeting -q --edit-key "660279E4B9E374894D7F51C31A41C324A9C46116" trust