Provided by: msva-perl_0.9.2-1.1_all

NAME

       msva-perl - Perl implementation of a Monkeysphere Validation Agent

SYNOPSIS

         msva-perl [ COMMAND [ ARGS ... ] ]

ABSTRACT

       msva-perl provides a Perl implementation of the Monkeysphere Validation Agent, a certificate validation
       service.

INTRODUCTION

       The Monkeysphere Validation Agent offers a local service for tools to validate certificates (both X.509
       and OpenPGP) and other public keys.

       Clients of the validation agent query it with a public key carrier (a raw public key, or some flavor of
       certificate), the supposed name of the remote peer offering the pubkey, and the context in which the
       validation check is relevant (e.g. ssh, https, etc).

       The validation agent then tells the client whether it was able to successfully validate the peer's use of
       the public key in the given context.

USAGE

       Launched with no arguments, msva-perl simply runs and listens forever.

       Launched with arguments, it sets up a listener, spawns a subprocess using the supplied command and
       arguments, but with the MONKEYSPHERE_VALIDATION_AGENT_SOCKET environment variable set to refer to its
       listener.  When the subprocess terminates, msva-perl tears down the listener and exits as well, returning
       the same value as the subprocess.

       This is a similar invocation pattern to that of ssh-agent(1).

ENVIRONMENT VARIABLES

       msva-perl is configured by means of environment variables.

       MSVA_LOG_LEVEL
           msva-perl  logs  messages  about its operation to stderr.  MSVA_LOG_LEVEL controls its verbosity, and
           should be one of (in increasing verbosity):  silent,  quiet,  fatal,  error,  info,  verbose,  debug,
           debug1, debug2, debug3.  Default is 'error'.

       MSVA_ALLOWED_USERS
           If  your  system  is capable of it, msva-perl tries to figure out the owner of the connecting client.
           If MSVA_ALLOWED_USERS is unset, msva-perl will only permit connections from the user msva is  running
           as.  If you set MSVA_ALLOWED_USERS, msva-perl will treat it as a list of local users (by name or user
           ID) who are allowed to connect.

       MSVA_PORT
           msva-perl listens on a local TCP socket to facilitate access.  You can choose what port to bind to by
           setting MSVA_PORT.  Default is to bind on an arbitrary open port.

       MSVA_KEYSERVER
           msva-perl  will  request  information  from  OpenPGP  keyservers.   Set MSVA_KEYSERVER to declare the
           keyserver you want it to check with.  If this variable is blank or unset, and your gpg.conf  contains
           a  keyserver  declaration,  it  will  use  the  GnuPG  configuration.   Failing  that, the default is
           'hkp://pool.sks-keyservers.net'.

       MSVA_KEYSERVER_POLICY
           msva-perl must decide when to check with keyservers  (for  new  keys,  revocation  certificates,  new
           certifications,  etc).   There are three possible options: 'always' means to check with the keyserver
           on every query it receives.  'never' means to never check with a keyserver. 'unlessvalid'  will  only
           check with the keyserver on a specific query if no keys are already locally known to be valid for the
           requested peer.  Default is 'unlessvalid'.

       MSVA_MONITOR_CHANGES
           Under graphical environments such as X11, msva-perl is capable of monitoring for changes in its
           underlying code and can prompt the user to restart the daemon when some of the underlying code
           changes.  Setting this environment variable to 'true' enables this monitoring and prompting behavior.
           Default is 'false'.

COMMUNICATION PROTOCOL DETAILS

       Communications with the Monkeysphere Validation Agent are in the form of JSON requests over  plain  HTTP.
       Responses  from  the  agent  are  also  JSON  objects.   For details on the structure of the requests and
       responses, please see http://web.monkeysphere.info/validation-agent/protocol

SECURITY CONSIDERATIONS

       msva-perl deliberately binds to the IPv4 loopback (on 127.0.0.1) so that remote users do not  get  access
       to the daemon.  On systems (like Linux) which report ownership of TCP sockets in /proc/net/tcp, msva-perl
       will refuse access from random users (see MSVA_ALLOWED_USERS above).
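
       The ownership check described above can be sketched as follows. This is an added example, not
       msva-perl's own code: it parses a constructed /proc/net/tcp sample to find the uid that owns the
       client end of a loopback connection, then applies the MSVA_ALLOWED_USERS rule. The function names,
       the whitespace-separated list format, the little-endian address encoding and the fail-closed
       handling of an unknown owner are assumptions.

```python
import socket
import struct

# Constructed sample of /proc/net/tcp (little-endian host, e.g. x86-64).
# Row 0: the agent listening on 127.0.0.1:8080, owned by uid 1000.
# Row 1: the agent's accepted socket; row 2: the client's end, uid 1001.
SAMPLE = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 0100007F:1F90 00000000:0000 0A 00000000:00000000 00:00000000 00000000  1000        0 20001 1 0000000000000000 100 0 0 10 0
   1: 0100007F:1F90 0100007F:C350 01 00000000:00000000 00:00000000 00000000  1000        0 20002 1 0000000000000000 20 4 30 10 -1
   2: 0100007F:C350 0100007F:1F90 01 00000000:00000000 00:00000000 00000000  1001        0 20003 1 0000000000000000 20 4 30 10 -1
"""

def proc_addr(ip, port):
    """Encode ip:port the way /proc/net/tcp prints it on a little-endian host."""
    return "%08X:%04X" % (struct.unpack("<I", socket.inet_aton(ip))[0], port)

def peer_uid(table, client, server):
    """Return the uid owning the client end of client -> server, or None."""
    want_local, want_remote = proc_addr(*client), proc_addr(*server)
    for line in table.splitlines()[1:]:          # skip the header row
        f = line.split()
        if len(f) >= 8 and f[1] == want_local and f[2] == want_remote:
            return int(f[7])                     # the uid column
    return None

def may_connect(uid, agent_uid, allowed=None, lookup=None):
    """Apply the MSVA_ALLOWED_USERS rule described above.

    allowed is the variable's value (None if unset); splitting it on
    whitespace is an assumption. lookup maps a user name to a uid
    (pwd.getpwnam(name).pw_uid on a real system)."""
    if uid is None:
        return False              # owner unknown: fail closed (example's choice)
    if not allowed:
        return uid == agent_uid   # unset: only the agent's own user
    for entry in allowed.split():
        if entry.isdigit():
            if int(entry) == uid:
                return True
        elif lookup and lookup(entry) == uid:
            return True
    return False
```

       On a live system the table text would come from reading /proc/net/tcp, with the client and server
       tuples taken from the accepted socket's peer and local addresses.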

SEE ALSO

       monkeysphere(1), monkeysphere(7), ssh-agent(1)

BUGS AND FEEDBACK

       Bugs  or  feature  requests  for msva-perl should be filed with the Monkeysphere project's bug tracker at
       https://labs.riseup.net/code/projects/monkeysphere/issues/

AUTHORS AND CONTRIBUTORS

       Daniel Kahn Gillmor <dkg@fifthhorseman.net>

       The Monkeysphere Team http://web.monkeysphere.info/

COPYRIGHT AND LICENSE

       Copyright © Daniel Kahn Gillmor and others from the Monkeysphere team.  msva-perl is free software,
       distributed under the GNU Public License, version 3 or later.

perl v5.32.0                                       2021-01-04                                       MSVA-PERL(1)