Clint Adams: A local script for local people
This isn't actually answering the question, but it's close. It's also horrible, so whoever adopts
Enrico's script should also
completely rewrite this or burn it along with the stack of pizza boxes and the grand piano.
Input:
#!/bin/zsh
set -e
PATHS=$(tempfile)
NEWKEYS=$(tempfile)
NEWKEYRING=$(tempfile)
FARTHEST_TEN=$(tempfile)
trap "rm -f $ PATHS $ NEWKEYS $ NEWKEYRING $ FARTHEST_TEN " EXIT
keyring=$ 1:-ksp-dc16.gpg
myfpr=$ 2:-2100A32C46F895AF3A08783AF6D3495BB0AE9A02
#keyserver=$ 3:-http://pool.sks-keyservers.net:11371/
# this doesn't handle hokey fetch failures
#(for fpr in $(hkt list --keyring $ keyring --output-format JSON jq '.[].publickey.fpr')
#do
# hokey fetch --keyserver "$ keyserver " --validation-method MatchPrimaryKeyFingerprint "$ (Q)fpr "
#done) >$ NEWKEYS
#
#gpg2 --no-default-keyring --keyring $ NEWKEYRING --import $ NEWKEYS
cp "$ keyring " "$ NEWKEYRING "
gpg2 --no-default-keyring --keyring $ NEWKEYRING --refresh
hkt findpaths --keyring $ NEWKEYRING '' '' '' > $ PATHS
id=$(awk -F, "/$ myfpr )\$/ sub(/\(/,BLANKY,\$1);print \$1; " $ PATHS )
grep -e ",\[$ id ," -e ",$ id \]" $ PATHS sort -n tail -n 10 > $ FARTHEST_TEN
targetids=($ (f)"$ $((sed 's/^.*\[//;s/,.*$//;' $ FARTHEST_TEN ; sed 's/\])$//;s/.*,//;' $ FARTHEST_TEN ) sort -n -u grep -v "^$ id $") " )
targetfprs=($(for i in $ targetids ; do awk -F, "/\($ i ,[^[]/ sub(/\)/,BLANKY,\$2); print \$2 " $ PATHS ; done))
gpg2 --no-default-keyring --keyring $ NEWKEYRING --list-keys $ targetfprs
Output:
pub rsa4096/0x664F1238AA8F138A 2015-07-14 [SC]
Key fingerprint = 3575 0B8F B6EF 95FF 16B8 EBC0 664F 1238 AA8F 138A
uid [ unknown] Daniel Lange <dl.ml1@usrlocal.de>
sub rsa4096/0x03BEE1C11DB1954B 2015-07-14 [E]
pub rsa4096/0xDF23DA3396978EB3 2014-09-05 [SC]
Key fingerprint = BBBC 58B4 5994 CF9C CC56 BCDA DF23 DA33 9697 8EB3
uid [ undef ] Michael Meskes <michael@fam-meskes.de>
uid [ undef ] Michael Meskes <meskes@postgresql.org>
uid [ undef ] Michael Meskes <michael.meskes@credativ.com>
uid [ undef ] Michael Meskes <meskes@debian.org>
sub rsa4096/0x85C3AFFECF0BF9B5 2014-09-05 [E]
sub rsa4096/0x35D857C0BBCB3B25 2014-11-04 [S]
pub rsa4096/0x1E953E27D4311E58 2009-07-12 [SC]
Key fingerprint = C2FE 4BD2 71C1 39B8 6C53 3E46 1E95 3E27 D431 1E58
uid [ undef ] Chris Lamb <chris@chris-lamb.co.uk>
uid [ undef ] Chris Lamb <lamby@gnu.org>
uid [ undef ] Chris Lamb <lamby@debian.org>
sub rsa4096/0x72B3DBA98575B3F2 2009-07-12 [E]
pub rsa4096/0xDF6D76C44D696F6B 2014-08-15 [SC] [expires: 2017-06-03]
Key fingerprint = 1A6F 3E63 9A44 67E8 C347 6525 DF6D 76C4 4D69 6F6B
uid [ unknown] Sven Bartscher <sven.bartscher@weltraumschlangen.de>
uid [ unknown] Sven Bartscher <svenbartscher@yahoo.de>
uid [ unknown] Sven Bartscher <kritzefitz@debian.org>
sub rsa4096/0x9E83B071ED764C3A 2014-08-15 [E]
sub rsa4096/0xAEB25323217028C2 2016-06-14 [S]
pub rsa4096/0x83E33BD7D4DD4CA1 2015-11-12 [SC] [expires: 2017-11-11]
Key fingerprint = 0B5A 33B8 A26D 6010 9C50 9C6C 83E3 3BD7 D4DD 4CA1
uid [ unknown] Jerome Charaoui <jerome@riseup.net>
sub rsa4096/0x6614611FBD6366E7 2015-11-12 [E]
sub rsa4096/0xDB17405204ECB364 2015-11-12 [A] [expires: 2017-11-11]
pub rsa4096/0xF823A2729883C97C 2014-08-26 [SC]
Key fingerprint = 8ED6 C3F8 BAC9 DB7F C130 A870 F823 A272 9883 C97C
uid [ unknown] Lucas Kanashiro <kanashiro@debian.org>
uid [ unknown] Lucas Kanashiro <kanashiro.duarte@gmail.com>
sub rsa4096/0xEE6E5D1A9C2F5EA6 2014-08-26 [E]
pub rsa4096/0x2EC0FFB3B7301B1F 2014-08-29 [SC] [expires: 2017-04-06]
Key fingerprint = 76A2 8E42 C981 1D91 E88F BA5E 2EC0 FFB3 B730 1B1F
uid [ unknown] Niko Tyni <ntyni@debian.org>
uid [ unknown] Niko Tyni <ntyni@cc.helsinki.fi>
uid [ unknown] Niko Tyni <ntyni@iki.fi>
sub rsa4096/0x129086C411868FD0 2014-08-29 [E] [expires: 2017-04-06]
pub rsa4096/0xAA761F51CC10C92A 2016-06-20 [SC] [expires: 2018-06-20]
Key fingerprint = C9DE 2EA8 93EE 4C86 BE73 973A AA76 1F51 CC10 C92A
uid [ unknown] Roger Shimizu <rogershimizu@gmail.com>
sub rsa4096/0x2C2EE1D5DBE7B292 2016-06-20 [E] [expires: 2018-06-20]
sub rsa4096/0x05C7FD79DD03C4BB 2016-06-20 [S] [expires: 2016-09-18]
Note that this completely neglects potential victims who are
unconnected within the KSP set.