Provided by: hash-slinger_2.6-1_amd64 bug

NAME
       openpgpkey - Create and verify RFC-TBD OPENPGPKEY DNS records


SYNTAX
       openpgpkey [--fetch | --verify] [--insecure] [--resolv.conf /PATH/TO/RESOLV.CONF] user@domain

       openpgpkey [--create] [--insecure] [--resolv.conf /PATH/TO/RESOLV.CONF] [--output {rfc,generic,both}]
       [--uid <keyid>] user@domain


DESCRIPTION
       openpgpkey generates RFC-TBD OPENPGPKEY DNS records. To generate these records for older nameserver
       implementations that do not yet support the OPENPGPKEY record, specify --output generic to output the
       openpgpkey data in Generic Record (RFC-3597) format. Records are generated by taking all keys with the
       specified email address associated with it from the user's local GnuPG keychain.

       Verification of OPENPGPKEY records is done by comparing the keyid and fingerprint of the OPENPGPKEY
       obtained from DNS with the version in the local GnuPG keychain.


OPTIONS
       --fetch
           Fetch an OPENPGPKEY public key record from DNS

       --create
           Create an OPENPGPKEY DNS record

       --verify
           Verify a public key from the local GPG keyring with the OPENPGPKEY DNS record

       --resolvconf FILE
           Specify a custom resolv.conf file (default: /etc/resolv.conf)

       --output rfc | generic | both
           Output format of OPENPGPKEY record. "OPENPGPKEY" for rfc, "TYPE61" for generic (default: generic)

       If neither create or verify is specified, create is used.


REQUIREMENTS
       openpgpkey requires the following python libraries: unbound, gnupg and argparse. It also requires gnupg
       which provides the gpg command.


BUGS
       none known


EXAMPLES
       typical usage:

       openpgpkey --fetch paul@nohats.ca > paul.pubkey

       openpgpkey --verify paul@nohats.ca

       openpgpkey --create paul@nohats.ca


SEE ALSO
       draft-ietf-dane-openpgpkey

       http://people.redhat.com/pwouters/hash-slinger/


AUTHORS
       Paul Wouters <pwouters@redhat.com>


COPYRIGHT
       Copyright 2014-2015

       This program is free software; you can redistribute it and/or modify it under the terms of the GNU
       General Public License as published by the Free Software Foundation; either version 2 of the License, or
       (at your option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.

       This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even
       the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public
       License (file COPYING in the distribution) for more details.

Paul Wouters                                    December 30, 2013                                  OPENPGPKEY(1)