#!/bin/bash
# to be run on {www,boot}.planet-lab.eu where the CERTH key was imported
#
+# (*) initialized gpg with the gpg rings found in /etc/planetlab
+# ple-www.pl.sophia.inria.fr ~ # ls -ld .gnupg .gnupg/*ring.gpg
+# drwx------ 2 root root 4096 Jun 17 16:11 .gnupg
+# -rw------- 1 root root 28357 Jun 17 16:11 .gnupg/pubring.gpg
+# -rw------- 1 root root 47028 Jun 16 16:43 .gnupg/secring.gpg#
+#
# (*) used NITOS indications to locate armored key
# http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x4646985724FAFE07
#
# (*) gpg --import /etc/planetlab/Nitlab.key
#
# (*) signed the snipped version and published it to NITOS
-# upon reception of their acknowledgement we can sign the key
-# (which hopefully will remove the need for typing 'y' hehe)
+#
+####################
+# (*) upon reception of their acknowledgement, which establishes trust
+# sign and trust the key:
+# [boot-planet-lab-eu] ~/.gnupg # gpg --edit-key CERTH
+# gpg (GnuPG) 1.4.7; Copyright (C) 2006 Free Software Foundation, Inc.
+#
+# <snip>
+#
+# Command> sign
+#
+# <snip>
+#
+# Really sign? (y/N) y
+#
+# Command> trust
+#
+# <snip>
+#
+# 1 = I don't know or won't say
+# 2 = I do NOT trust
+# 3 = I trust marginally
+# 4 = I trust fully
+# 5 = I trust ultimately
+# m = back to the main menu
+#
+# Your decision? 5
+# Do you really want to set this key to ultimate trust? (y/N) y
+#
+# <snip>
+#
+# Command> q
+# Save changes? (y/N) y
+# [boot-planet-lab-eu] ~/.gnupg #
+
DIRNAME=$(dirname $0)
cd $DIRNAME
# refresh the gpg encrypted version of the export file
+mv -f EXPORT.nitlab.gpg EXPORT.nitlab.gpg.bak
plcsh ./export-omf.py | gpg -r CERTH -e --output EXPORT.nitlab.gpg
# publish under /var/www/html/download/EXPORT.nitlab