9
24
Fork
You've already forked keyoxide-cli
3

Support fetching profiles and keys from arbitrary URL #15

Open
opened 2022年03月31日 01:01:38 +02:00 by caesar · 3 comments
Contributor
Copy link

Now that we have #9, which allows us to verify a "signature profile" by providing a local path or piping to stdin, it occurred to me that it would be great to also be able to just provide the URL of a profile hosted online:

keyoxide https://codeberg.org/keyoxide/keyoxide-cli/raw/branch/main/test/signature-profile.asc

Then I thought: why not for keys, too?

keyoxide https://yarmo.eu/9F0048AC0B23301E1F77E994909F6BD6F80F485D.asc

Implementation-wise, I guess it would be necessary to fetch the content from the URL, detect whether it is a key or a signature, and then proceed accordingly.

This would be especially useful for "signature profiles" given there is no centralised mechanism for distributing them (which can be an advantage, in terms of privacy).


Now I think of it (though this should be an issue on keyoxide-web), we could support verification of "signature profiles" on the web with a link like:

https://keyoxide.org/?profile=[profile_url]
Now that we have #9, which allows us to verify a "signature profile" by providing a local path or piping to stdin, it occurred to me that it would be great to also be able to just provide the URL of a profile hosted online: ``` keyoxide https://codeberg.org/keyoxide/keyoxide-cli/raw/branch/main/test/signature-profile.asc ``` Then I thought: why not for keys, too? ``` keyoxide https://yarmo.eu/9F0048AC0B23301E1F77E994909F6BD6F80F485D.asc ``` Implementation-wise, I guess it would be necessary to fetch the content from the URL, detect whether it is a key or a signature, and then proceed accordingly. This would be especially useful for "signature profiles" given there is no centralised mechanism for distributing them (which can be an advantage, in terms of privacy). --- Now I think of it (though this should be an issue on keyoxide-web), we could support verification of "signature profiles" on the web with a link like: ``` https://keyoxide.org/?profile=[profile_url] ```
Author
Contributor
Copy link

I should note that it's easy to achieve the same result by doing

curl https://codeberg.org/keyoxide/keyoxide-cli/raw/branch/main/test/signature-profile.asc | keyoxide

but direct support would be much clearer for folks who don't live in the terminal.

I should note that it's easy to achieve the same result by doing ``` curl https://codeberg.org/keyoxide/keyoxide-cli/raw/branch/main/test/signature-profile.asc | keyoxide ``` but direct support would be much clearer for folks who don't live in the terminal.
Owner
Copy link

The curl-pipe command is nice! Do note that keyoxide-cli is targeted at people who live in the terminal. Other people will gravitate towards GUIs like the website.

That being said, it could be an idea to have it built-in. So in this case, if the argument starts with https://, go fetch it and then figure out if it's a key or a signature profile, like we do with stdin?

The curl-pipe command is nice! Do note that keyoxide-cli is targeted at people who live in the terminal. Other people will gravitate towards GUIs like the website. That being said, it could be an idea to have it built-in. So in this case, if the argument starts with https://, go fetch it and then figure out if it's a key or a signature profile, like we do with stdin?
Author
Contributor
Copy link

So in this case, if the argument starts with https://, go fetch it and then figure out if it's a key or a signature profile, like we do with stdin?

Exactly. But maybe it would be a good idea to implment that logic in doipjs so it can be shared with keyoxide-web?

Admitedly it's not a lot of logic and it's partly implemented in keyoxide-cli already (the part that is shared with stdin).

> So in this case, if the argument starts with https://, go fetch it and then figure out if it's a key or a signature profile, like we do with stdin? Exactly. But maybe it would be a good idea to implment that logic in doipjs so it can be [shared with keyoxide-web](https://codeberg.org/keyoxide/keyoxide-web/issues/129)? Admitedly it's not a lot of logic and it's partly implemented in keyoxide-cli already (the part that is shared with stdin).
Sign in to join this conversation.
No Branch/Tag specified
main
0.4.4
0.4.3
0.4.2
0.4.1
0.4.0
0.3.0
0.2.0
Labels
Clear labels
bug
Something is not working
duplicate
This issue or pull request already exists
enhancement
New feature
help wanted
Need some help
invalid
Something is wrong
question
More information is needed
wontfix
This won't be fixed
Contribution welcome
Get started contributing here
Good first issue
Good if you are new to the project or to open source contributions
Impact
External
Affects the people using the project
Impact
Internal
Affects on the people working on the project
Priority
Critical
Work on right now
Priority
High
Work on at earliest convenience
Priority
Low
Work on in spare time
Priority
Medium
Work on regularly
Review
Duplicate
Already exists
Review
Off Topic
Does not fall within the scope of the repo/project
Status
Backlog
Is not being worked on yet
Status
Blocked
Is waiting on something or someone
Status
Completed
Is done
Status
In Progress
Is being worked on
Status
Investigating
Is waiting on research or questions
Status
Needs Decision
Is waiting on a decision by the devs/contributors
Status
Needs Info
Is waiting on additional information before it can be solved
Status
Needs Triage
Is new issue that needs reviewing
Status
Testing
Is being checked and verified
Status
Waiting For Review
Is waiting on reviewers to approve
Status
Won't Fix
Won't be fixed
Type
Bug
Related to something not working as intended
Type
CI
Related to continuous integration
Type
Documentation
Related to documentation
Type
Enhancement
Related to a new feature or an improved one
Type
New Claim
Related to a new identity claim/proof
Type
Security
Related to security
Type
Tests
Related to code tests
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
2 participants
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
keyoxide/keyoxide-cli#15
Reference in a new issue
keyoxide/keyoxide-cli
No description provided.
Delete branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?