GPG Keys

From Redbrick Wiki
Jump to navigation Jump to search

This article details what GPG keys are and how Redbrick uses them

Some definitions to start

OpenPGP is an open standard for PGP encryption maintained by the IETF. It was made so other protocols could interact with PGP. Both GPG and PGP are compliant.

PGP is the name of the original encryption program that was developed.

GNU Privacy Guard (GPG) is an open-source implementation of the OpenPGP standard

Keychains are just the list of the different keys you have on your computer.

Keyservers are used to share keys with other people.

What the hell are GPG keys

These implementations are encryption programs that provide cryptographic privacy and authentication for data communication. They are used for signing, encrypting, and decrypting texts, e-mails, files, directories, and whole disk partitions and to increase the security of e-mail communications.

Why and How does Redbrick use them ?!?

Redbrick uses GPG keys to verify the tags of the Open-Governance repository. We do this by tagging the open-governance repository.

Redbrick will have 2 different keys during the tagging ceremony: an Authoritative Key and a Tagging Key.

Authoritative Key: This is a continuous key that will exist to add authenticity and continuity to the tagging key. You sign this to certify that it is Redbrick's key.

Tagging Key: This is a key made before the EGM that will expire soon after. This will only sign the repo tag. You sign this to certify that the Membership Meeting has approved the tag


How the hell am I supposed to help???

We want our members to verify our Keys to

Retrieved from "https://wiki.redbrick.dcu.ie/index.php?title=GPG_Keys&oldid=11229"