On 03/03/15 00:59, BitingBird wrote:
> sajolida:
> [...]
>> BitingBird is working on improving the OpenPGP documentation (see #5316)
>> so paperkey could be mentioned there. If we feel like getting into more
>> details and writing a full page about it, then it should probably be
>> moved to "Advanced topics".
>
> I don't think a dedicated page is needed.
I agree, especially as...
>> But before being able to decide on this we need to brainstorm on what
>> would be in that documentation. We usually limit ourselves to explaining
>> what the software does, pointing to upstream documentation, and
>> explaining the specificities of that software in Tails.
... pointing upstream seems to be the usual way of documenting this kind
of thing and my patch does not result in any specificities of paperkey
in Tails.
>> In the case of paperkey, what is worth being mentioned?
Once someone feels the need to print out her OpenPGP key, she will most
probably get the beauty of paperkey right away. So I think worth
mentioning would be what it does: "Paperkey reduces the amount of data
to be printed to the bare minimum (secret part of key) and adds
checksums which allow for easier restore of the key when typing it in or
dealing with dirty scans."
I think it would be enough to put this kind of information in a little
paragraph or one of those 'note boxes' in a part of the documentation
that deals with creating PGP keys. Maybe prefaced by a little
explanation on why printing keys out is a good idea.
But is there such a part of the documentation? And is the Tails
documentation actually the place for such general information? Or is
this the kind of stuff that someone reads about somewhere upstream and
then here only expects to find implementation specifics regarding Tails?
>> As a first remark, the manpage is not clear about the fact that the
>> backup of the "secret information" still includes the protecting by its
>> passphrase. Maybe that should be fixed upstream actually.
>>
> I can mention it. I'll just link to
> http://www.jabberwocky.com/software/paperkey/ that is short but complete.
I think mentioning it is a good idea, especially as it is a CLI program
and therefore it is not so easy to discover.
> And yes, the upstream page does spedify the encrypted (or not) key, so I
> don't think we should re-write its doc.
The information can also be found in the man page in the "security
considerations" section, so we should be fine with regard to this.
cheers
amette
> Cheers,
>
> BitingBird
> _______________________________________________
> Tails-dev mailing list
> Tails-dev@???
> https://mailman.boum.org/listinfo/tails-dev
> To unsubscribe from this list, send an empty email to Tails-dev-unsubscribe@???.
>
--
https://amette.eu
mail@???
