[scponly] PGP/GnuPG sig of scponly-3.6.tgz
wbr oblyr
joe at sublimation.org
Wed Mar 12 19:30:39 EST 2003
yes, i should really be doing the right thing with package signing and
providing something cryptographically secure. this will happen soon and
continue to happen for each ongoing release.
i appreciate reminders for things like this, if other "real open source
project" type features are missing that you think are important, please
let me know.
joe
----
PGP KEY: http://www.sublimation.org/contact.html
PGP Key fingerprint = EC4B 0DA5 B4F6 BDDD 9176 55D6 3A6A 7D63 158F 22D2
On Tue, 11 Mar 2003, Sven Hoexter wrote:
> On Mon, Mar 10, 2003 at 11:34:12PM -0800, Hsing-Tsu Lai wrote:
>
> Hi,
>
> > Where can I get a detached signature file in order to
> > verify the download?
> >
> > Got Joe's public key but can't seem to find the sig
> > file for this particular download anywhere.
> AFAIK Joe doesn't sign the releases. Well from the
> security point of view this is a bad habbit. Anyway
> how many people use provided signatures to verify
> there downloads? I don't think that are so much but
> that should not count :)
>
> Joe what about providing at least the md5sum of the
> releases?
>
> Sven
>
>
> --
> Revolution is not a dinner party, not an essay, nor a painting, nor a piece of
> embroidery; it cannot be advanced softly, gradually, carefully, considerately,
> respectfully, politely, plainly, and modestly.
> - Mao Zedong (Mao Tse-tung)
> _______________________________________________
> scponly mailing list
> scponly at lists.ccs.neu.edu
> https://lists.ccs.neu.edu/bin/listinfo/scponly
>
More information about the scponly
mailing list