This is the mail archive of the mailing list for the Cygwin project.

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: Package review status


Sorry, replied to the wrong mailing list in the first place.
Hi Robert,

Right, well I'll happily run generate checksums of what I download, and
if the poster to here posts the expected checksums, in a gpg signed
message, then we can be fairly sure that whomever sent the email,
created the package files.

Generating trust in a specific GPG signature takes time or a web of
trust, and is a related-but-separate discussion. I think that my GPG key
is well associated with me by now :] (Either that, or a very persistence
mimic :};}). One way would be for maintainers to follow a similar
approach and consistently sign their emails. YMMV.
yes, but I need your public key to verify that you are really YOU.

Where did you put your public key, I tried some keyservers but couldn't
find you. Many "Robert Collins", but not with .

PGP/GPG key  (ID: 0x9F8A785D)  available  from
key-fingerprint 550D F17E B082 A3E9 F913  9E53 3D35 C9BA 9F8A 785D

Attachment: msg01246/pgp00000.pgp
Description: PGP signature

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]