From Newsgroup: news.admin.hierarchies
Hi Wolfgang,
Should your new key be declared in control.ctl and PGPKEYS?
https://www.eternal-september.org/control-eternal-september.asc
pub rsa4096 2025-07-16 [SC]
17A7E98E3038BE35428F30E4F53C21EEF3D2EA49
uid [ inconnue] Control <control@eternal-september.org>
Yes, please.
The information will normally be updated in the next control-archive
release by Russ. I have opened a issue to remember that:
https://github.com/rra/control-archive/issues/9
Looks like the expected flag was "=Control <control@eternal-september.org>".
What confused me was the unexpected "=" strict match indicator that is
always added by signcontrol.py ;-)
You're right, I'll add a comment in the code about that equal sign.
"If you're using GnuPG, in order to not get any spaces into the user ID,
you need to use gpg --gen-key --allow-freeform-uid, enter the desired
^^^^^^^^^^^^^^^^^
user ID as the name, and then press Enter when asked for an e-mail ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
address or comment. The recommended user ID is the e-mail address of the ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ sender, but it has to be entered as the name or GnuPG will not generate ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
the right user ID. A later version of pgpverify will hopefully make this ^^^^^^^^^^^^^^^^^^
unnecessary, but older versions will be around for quite some time."
This caveat also applies to signcontrol.py's
"Manage my PGP keys (generate/import/export/remove/revoke)"
Isn't the current wording when running that function enough? I do not
see more information to add, unless I am mistaken?
What do you want to do?
-----------------------
1. See the current installed keys
2. Generate a new pair of secret/public keys
3. Export a public key
4. Export a secret key
5. Import a secret key
6. Remove a pair of secret/public keys
7. Revoke a secret key
8. Quit
Your choice (1-8): 2
-----------------------------------------------------------------------
Please put the e-mail address from which you will send control articles
in the key ID (the real name field). And leave the other fields blank,
for better compatibility with Usenet software.
Choose a 3072-bit or 4096-bit RSA key which *never expires*.
You should also provide a strong passphrase, for security reasons.
There is no need to edit the key after it has been generated.
Please note that the key generation may not finish if it is launched
on a remote server, owing to a lack of enough entropy. Use your own
computer instead and import the key on the remote one afterwards. -----------------------------------------------------------------------
There's no more fields to complete as far as I see:
gpg (GnuPG) 2.2.40; Copyright (C) 2022 g10 Code GmbH
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
S|-lectionnez le type de clef d|-sir|--a:
(1) RSA et RSA (par d|-faut)
(2) DSA et Elgamal
(3) DSA (signature seule)
(4) RSA (signature seule)
(14) Existing key from card
Quel est votre choix-a? 1
les clefs RSA peuvent faire une taille comprise entre 1024 et 4096-abits. Quelle taille de clef d|-sirez-vous-a? (3072)
La taille demand|-e est 3072-abits
Veuillez indiquer le temps pendant lequel cette clef devrait |-tre valable.
0 = la clef n'expire pas
<n> = la clef expire dans n-ajours
<n>w = la clef expire dans n-asemaines
<n>m = la clef expire dans n-amois
<n>y = la clef expire dans n-aans
Pendant combien de temps la clef est-elle valable-a? (0)
La clef n'expire pas du tout
Est-ce correct-a? (o/N) o
GnuPG doit construire une identit|- pour identifier la clef.
Nom r|-el-a:
test@test.fr
Adresse |-lectronique-a:
Commentaire-a:
Vous avez s|-lectionn|- cette identit|--a:
-2-atest@test.fr-a-+
Changer le (N)om, le (C)ommentaire, l'(A)dresse |-lectronique
ou (O)ui/(Q)uitter-a? o
De nombreux octets al|-atoires doivent |-tre g|-n|-r|-s. Vous devriez faire autre chose (taper au clavier, d|-placer la souris, utiliser les disques) pendant la g|-n|-ration de nombres premiers-a; cela donne au g|-n|-rateur de nombres al|-atoires une meilleure chance d'obtenir suffisamment d'entropie. gpg: revocation certificate stored as '/home/news/.gnupg/openpgp-revocs.d/40AF678E1D6B09E8B8A58C1E70C80795F8821D07.rev'
les clefs publique et secr|?te ont |-t|- cr|-|-es et sign|-es.
pub rsa3072 2025-07-18 [SC]
40AF678E1D6B09E8B8A58C1E70C80795F8821D07
uid
test@test.fr
sub rsa3072 2025-07-18 [E]
After having generated these keys, you should export your PUBLIC key
and make it public (in the web site of your hierarchy, along with
a current checkgroups, and also announce it in news.admin.hierarchies).
You can also export your PRIVATE key for backup only.
--
Julien |eLIE
-2-aLove is blind but marriage is an eye-opener.-a-+
--- Synchronet 3.21a-Linux NewsLink 1.2