Mail Archives: cygwin/2002/09/25/07:28:04
--------------enig96DE0AAFB574B2B9CEC145D0
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
Hi Robert,
> Right, well I'll happily run generate checksums of what I download, and
> if the poster to here posts the expected checksums, in a gpg signed
> message, then we can be fairly sure that whomever sent the email,
> created the package files.
>
> Generating trust in a specific GPG signature takes time or a web of
> trust, and is a related-but-separate discussion. I think that my GPG key
> is well associated with me by now :] (Either that, or a very persistence
> mimic :};}). One way would be for maintainers to follow a similar
> approach and consistently sign their emails. YMMV.
yes, but I need your public key to verify that you are really YOU.
Where did you put your public key, I tried some keyservers but couldn't
find you. Many "Robert Collins", but not with rbcollins AT cygwin DOT com .
Bye
Volker
--
PGP/GPG key (ID: 0x9F8A785D) available from wwwkeys.de.pgp.net
key-fingerprint 550D F17E B082 A3E9 F913 9E53 3D35 C9BA 9F8A 785D
--------------enig96DE0AAFB574B2B9CEC145D0
Content-Type: application/pgp-signature
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQE9kZ2sPTXJup+KeF0RAssQAJ9ZPrlnGjwOFj2TDvQQ3+S0RMXfwgCfQ0n7
ADWnABEFlLMGKf6PqjKX1eo=
=scip
-----END PGP SIGNATURE-----
--------------enig96DE0AAFB574B2B9CEC145D0--
- Raw text -