README.rst 2.55 KB
Newer Older
anarcat's avatar
anarcat committed
1 2 3
Monkeysign: OpenPGP Key Exchange for Humans
===========================================

emmapeel's avatar
emmapeel committed
4
`Monkeysign` is a tool to overhaul the OpenPGP keysigning experience and
anarcat's avatar
anarcat committed
5 6 7
bring it closer to something that most primates can understand.

The project makes use of cheap digital cameras and the type of bar code
emmapeel's avatar
emmapeel committed
8
known as a `QRcode` to provide a human-friendly yet still-secure
anarcat's avatar
anarcat committed
9 10 11 12 13 14 15
keysigning experience.

No more reciting tedious strings of hexadecimal characters. And, you can
build a little rogue's gallery of the people that you have met and
exchanged keys with! (Well, not yet, but it's part of the plan.)

Monkeysign also features a user-friendly commandline tool, similar to
emmapeel's avatar
emmapeel committed
16
``caff``, to sign OpenPGP keys following the current best practices.
anarcat's avatar
anarcat committed
17

anarcat's avatar
anarcat committed
18
Monkeysign was written by Jerome Charaoui and Antoine Beaupre and is
anarcat's avatar
anarcat committed
19 20 21 22 23 24 25 26 27
licensed under GPLv3.

Features
--------

-  commandline and GUI interface
-  GUI supports exchanging fingerprints with qrcodes
-  print your OpenPGP fingerprint on a QRcode
-  key signature done on a separate keyring
emmapeel's avatar
emmapeel committed
28
-  signature sent in an encrypted email to ensure:
anarcat's avatar
anarcat committed
29 30 31 32 33 34 35 36 37

  1. the signee controls the signed email
  2. the signee controls the private key
  3. the signee decides what to do with the signature

-  local ("non-exportable") signatures
-  send through local email server, arbitrary SMTP server or other
   programs

38 39
.. For users reading this source file, most documentation is available
   in the `doc/` subdirectory.
anarcat's avatar
anarcat committed
40

41
For usage instructions, see :doc:`usage` section, for install
42 43
instructions, see :doc:`install` section and for support, see the
:doc:`contributing` section.
anarcat's avatar
anarcat committed
44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66

Similar projects
----------------

-  `OpenKeychain <https://www.openkeychain.org/>`__, a fork of
   `APG <http://www.thialfihar.org/projects/apg/>`__, has support for
   exporting and importing fingerprints in QRcode and NFC. It uses
   similar strings for QRcodes exchanges and is compatible with
   Monkeysign. (`Github
   project <https://github.com/open-keychain/open-keychain>`__)

-  `GPG for Android <https://guardianproject.info/code/gnupg/>`__ (of
   the `Guardian project <https://guardianproject.info/>`__) will import
   public keys in your device's keyring when they are found in QRcodes,
   so it should be able to talk with Monkeysign, but this remains to be
   tested. (`Github
   project <https://github.com/guardianproject/gnupg-for-android>`__)

-  `Gibberbot <https://guardianproject.info/apps/gibber/>`__ (also of
   the `Guardian project <https://guardianproject.info/>`__) can
   exchange OTR fingerprints using QRcodes. (`Github
   project <https://github.com/guardianproject/Gibberbot>`__)