This is the mail archive of the cygwin@cygwin.com mailing list for the Cygwin project.
Index Nav: | [Date Index] [Subject Index] [Author Index] [Thread Index] | |
---|---|---|
Message Nav: | [Date Prev] [Date Next] | [Thread Prev] [Thread Next] |
Other format: | [Raw text] |
On Wed, 2002-09-25 at 21:27, Volker Quetschke wrote: > Hi Robert, > > Right, well I'll happily run generate checksums of what I download, and > > if the poster to here posts the expected checksums, in a gpg signed > > message, then we can be fairly sure that whomever sent the email, > > created the package files. > > > > Generating trust in a specific GPG signature takes time or a web of > > trust, and is a related-but-separate discussion. I think that my GPG key > > is well associated with me by now :] (Either that, or a very persistence > > mimic :};}). One way would be for maintainers to follow a similar > > approach and consistently sign their emails. YMMV. > yes, but I need your public key to verify that you are really YOU. > > Where did you put your public key, I tried some keyservers but couldn't > find you. Many "Robert Collins", but not with rbcollins@cygwin.com . Ah yes, I had not uploaded a recent copy with the appropriate subkeys. I've uploaded a new version, should replicate shortly :}. rbtcollins@hotmail.com is the primary email on the old copy, if you want to grab that. Also, you could try keyserver-options auto-key-retrieve in your gnupg options file, I find it very useful. Cheers, Rob
Attachment:
signature.asc
Description: This is a digitally signed message part
Index Nav: | [Date Index] [Subject Index] [Author Index] [Thread Index] | |
---|---|---|
Message Nav: | [Date Prev] [Date Next] | [Thread Prev] [Thread Next] |