GnuPG (also known by its command name, gpg) is a tool primarily for public key Encryption and cryptographic authentication.
There is a lot of material about GnuPG out there, so I won’t be duplicating it all here. But, I do have some more unique contributions for those familiar with GnuPG:
- There are alternatives to gpg/gpgv that may be useful in some cases: Age (Encryption) for encryption and signify for authentication.
- GPG makes a nice companion to Filespooler; see Verifying Filespooler Job Integrity and Encrypting Filespooler Jobs with GPG.
Links to this note
Age is a public-key encryption system, similar in certain concepts to GnuPG (GPG), but simpler because it isn’t focused on building a web of trust.
Anything that uses encryption to keep content away from spying eyes.
Sequoia PGP is a Rust-based implementation of OpenPGP, aimed to be modern and secure. It is often thought of as an alternative to GnuPG (GPG).
Sometimes, one wants to verify the integrity and authenticity of a Filespooler job file before processing it.
I loaded up this title with buzzwords. The basic idea is that IM systems shouldn’t have to only use the Internet. Why not let them be carried across LoRa radios, USB sticks, local Wifi networks, and yes, the Internet? I’ll first discuss how, and then why.
Signify is a toool to create and verify signatures on files.