[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Web of Trust (a revolution)



Stanisław T. Findeisen wrote:
> Friends,
> 
> Inspired by the recent problems with checksums for various installation
> files of Fedora 10, may I be allowed to say, that I think that broader
> adoption of OpenPGP standard (gpg) among Fedora (and Free Software)
> developers and users could be a desirable and advertising-worth goal.
> It could be a Strategy.
> 
Let me see - The Gnupg package is included with Fedora. RPMs are
signed with a GPG key - each version has its own key. The extra
repositories have their own keys. When their was a possibility that
the keys had been compromised, new keys were issued. It is not like
Fedora isn't already using gpg...

About the only change I can see would be signing the files needed to
do a network install...

Mikkel
-- 

  Do not meddle in the affairs of dragons,
for thou art crunchy and taste good with Ketchup!

Attachment: signature.asc
Description: OpenPGP digital signature


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]