Build-Depends: python (>= 2.5), debhelper (>= 8.1.2)
Standards-Version: 3.1.1
+Package: distorted-keys-base
+Architecture: all
+Depends: openssl (>= 0.9.8o)
+Recommends: gnupg, claim-dir
+Suggests: seccure
+Description: Underlying machinery for distorted.org.uk key-management system.
+ This package contains the libraries and key-type definitions for the
+ distorted.org.uk key-management system. It also contains a script suitable
+ for doing public-key operations without any of the `userv' machinery
+ required by the full system. It might therefore be useful to install this
+ package on satellite systems, even if they don't have the full system.
+
Package: distorted-keys
Architecture: all
-Depends: python (>= 2.5), userv, openssl (>= 0.9.8o), adduser
-Recommends: gnupg
-Suggests: seccure, texlive-latex-recommended, qrencode
+Depends: distorted-keys-base, python (>= 2.5), userv, adduser, qrencode
+Suggests: texlive-latex-recommended
Description: Basic key-management system with secure recovery features.
The primary purpose of the distorted.org.uk key management system is
to provide a secure way of recovering important cryptographic keys,
This system doesn't actually do very much cryptography itself. Instead,
it uses other existing implementations, such as GnuPG, OpenSSL, and
Seccure.
+
+Package: claim-dir
+Architecture: all
+Depends: userv
+Recommends: cryptsetup, dmsetup
+Description: Allow users to claim directories on file systems
+ Machines sometimes have storage devices with useful special properties --
+ such as high performance, or secure erasure on power failure. Rather than
+ set the root of such a filesystem world-writable and sticky, thereby making
+ another filesystem as hard to use safely as `/tmp', `claim-dir' lets users
+ claim directories on such filesystems via `userv'. A newly claimed
+ directory is named after the calling user, and created readable and writable
+ only by the calling user -- so he or she can relax the permissions later if
+ necessary.
+ .
+ A script `mount-ephemeral' is included which allows the construction of an
+ ephemeral filesystem -- one which is backed by normal storage (typically in
+ `/tmp'), but encrypted using a temporary key which will be lost at reboot.
+ This script can be used to build a safe place for the storage of
+ temporary secrets.