GnuPG (also known by its command name, gpg) is a tool primarily for public key Encryption and cryptographic authentication.
Homepage: https://www.gnupg.org
There is a lot of material about GnuPG out there, so I won’t be duplicating it all here. But, I do have some more unique contributions for those familiar with GnuPG:
- There are alternatives to gpg/gpgv that may be useful in some cases: Age (Encryption) for encryption and signify for authentication.
- GPG makes a nice companion to Filespooler; see Verifying Filespooler Job Integrity and Encrypting Filespooler Jobs with GPG.
Links to this note
Sometimes, one wants to verify the integrity and authenticity of a Filespooler job file before processing it.
Sequoia PGP is a Rust-based implementation of OpenPGP, aimed to be modern and secure. It is often thought of as an alternative to GnuPG (GPG).
Signify is a toool to create and verify signatures on files.
Thanks to Filespooler’s support for decoders, data for filespooler can be Encrypted at rest and only decrypted when Filespooler needs to scan or process a queue.
Age is a public-key encryption system, similar in certain concepts to GnuPG (GPG), but simpler because it isn’t focused on building a web of trust.
Anything that uses encryption to keep content away from spying eyes.
“OK,” you’re probably thinking. “John, you talk a lot about things like Gopher and personal radios, and now you want to talk about building a reliable network out of… USB drives?”
I loaded up this title with buzzwords. The basic idea is that IM systems shouldn’t have to only use the Internet. Why not let them be carried across LoRa radios, USB sticks, local Wifi networks, and yes, the Internet? I’ll first discuss how, and then why.