Hello!
g10 Code GmbH is pleased to announce the availability of the new
software package Scute.
Scute is a PKCS #11 implementation for the OpenPGP card using the
GnuPG 2.0 framework. It allows you to use your OpenPGP card for
client authentication in Mozilla-based web browsers.
Scute is distributed under the terms of the GNU General Public License
(GPL). Scute works best on GNU/Linux or *BSD systems. Other POSIX
compliant systems are also supported but have not yet been tested very
well.
Getting the Software
===================
Please follow the instructions found at http://www.scute.org/download.xhtml
or read on:
Scute may be downloaded from one of the GnuPG mirror sites or directly
from ftp://ftp.gnupg.org/gcrypt/ . The list of mirrors can be found
at http://www.gnupg.org/mirrors.html .
On the mirrors you should find the following files in the *scute*
directory:
scute-1.0.0.tar.bz2
scute-1.0.0.tar.bz2.sig
Scute source compressed using BZIP2 and OpenPGP signature.
Please try another mirror if exceptional your mirror is not yet up to
date. Scute requires a couple of libraries to be installed; see the
README file for details.
Checking the Integrity
=====================
In order to check that the version of Scute which you are going to
install is an original and unmodified one, simply check the supplied
signature. For example to check the signature of the file
scute-1.0.0.tar.bz2 you would use this command:
gpg --verify scute-1.0.0.tar.bz2.sig
This checks whether the signature file matches the source file.
You should see a message indicating that the signature is good and
made by that signing key. Make sure that you have the right key,
either by checking the fingerprint of that key with other sources
or by checking that the key has been signed by a trustworthy other
key. Note, that you can retrieve the signing key using the command
finger wk ,at' g10code.com
or using a key server like
gpg --recv-key 1CE0C630
The distribution key 1CE0C630 is signed by the well known key
5B0358A2. If you get an key expired message, you should retrieve a
fresh copy as the expiration date might have been prolonged.
NEVER USE A GNUPG VERSION YOU JUST DOWNLOADED TO CHECK THE
INTEGRITY OF THE SOURCE - USE AN EXISTING GNUPG INSTALLATION!
Documentation
============
Documentation is currently only available in the file README. More
detailed instructions will be part of the next version and become
available on the web page in the next two weeks.
Support
======
Improving Scute is costly, but you can help! We are looking for
organizations that find Scute useful and wish to contribute back. You
can contribute by reporting bugs, improve the software, or by donating
money.
Commercial support contracts for Scute are available, and they help
finance continued maintenance. g10 Code GmbH, a Duesseldorf based
company owned and headed by GnuPG's principal author, is currently
funding Scute development. We are always looking for interesting
development projects.
Happy Hacking,
The Scute Team (Werner and Marcus)