This is the mail archive of the cygwin-apps@cygwin.com mailing list for the Cygwin project.
Index Nav: | [Date Index] [Subject Index] [Author Index] [Thread Index] | |
---|---|---|
Message Nav: | [Date Prev] [Date Next] | [Thread Prev] [Thread Next] |
Other format: | [Raw text] |
Hi! Sorry, replied to the wrong mailing list in the first place.
Hi Robert,Right, well I'll happily run generate checksums of what I download, and if the poster to here posts the expected checksums, in a gpg signed message, then we can be fairly sure that whomever sent the email, created the package files. Generating trust in a specific GPG signature takes time or a web of trust, and is a related-but-separate discussion. I think that my GPG key is well associated with me by now :] (Either that, or a very persistence mimic :};}). One way would be for maintainers to follow a similar approach and consistently sign their emails. YMMV.yes, but I need your public key to verify that you are really YOU. Where did you put your public key, I tried some keyservers but couldn't find you. Many "Robert Collins", but not with rbcollins@cygwin.com .
Bye Volker -- PGP/GPG key (ID: 0x9F8A785D) available from wwwkeys.de.pgp.net key-fingerprint 550D F17E B082 A3E9 F913 9E53 3D35 C9BA 9F8A 785D
Attachment:
msg00191/pgp00000.pgp
Description: PGP signature
Index Nav: | [Date Index] [Subject Index] [Author Index] [Thread Index] | |
---|---|---|
Message Nav: | [Date Prev] [Date Next] | [Thread Prev] [Thread Next] |