On Wed, Feb 21, 2018 at 07:36:08AM -0800, Dan Kegel wrote:
> On Tue, Feb 20, 2018 at 10:16 PM, Ben McGinnes wrote:
>>
>> Because these two lines explain *precisely* why you need something
>> like RHEL or CentOS (certified systems to go with the auditing)
>> *and* updated
u wot m8
http://knowyourmeme.com/memes/u-wot-m8
Nice tool; thanks for sharing!
Cheers,
Fraser
On Wed, Feb 21, 2018 at 09:59:01AM -0500, Konstantin Ryabitsev wrote:
> Hi, all:
>
> I've been maintaining the kernel.org web of trust for the past 5+ years,
> and I wrote a number of tools to help
On Wed, Feb 21, 2018 at 09:59:01AM -0500, Konstantin Ryabitsev wrote:
> Hi, all:
>
> I've been maintaining the kernel.org web of trust for the past 5+ years,
> and I wrote a number of tools to help me visualize trust paths between
> fully trusted keys and those belonging to newer developers.
>
>
On 21/02/18 17:22, Teemu Likonen wrote:
> default-key FINGERPRINT!
That would help for command-line usage for a user with only one private
key. But anything else might not use the default key.
Peter.
--
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me
On Tue, Feb 20, 2018 at 10:16 PM, Ben McGinnes wrote:
> On Sat, Feb 17, 2018 at 05:06:54PM -0600, helices wrote:
>> I will probably never understand why wanting to run the most current
>> version of gnupg on a plethora of servers is controversial.
>>
>> Nevertheless, the two
Daniel Kahn Gillmor [2018-02-20 21:35:12-08] wrote:
> Anyway, here's one concrete example (hinted at above) of a
> programmatic gap that is much easier to achieve by mucking around with
> the internal state rather than by the programmatic interface:
>
> * I want to introduce a new
Hi, all:
I've been maintaining the kernel.org web of trust for the past 5+ years,
and I wrote a number of tools to help me visualize trust paths between
fully trusted keys and those belonging to newer developers.
I finally got a chance to clean up the code, and I hope it's useful to
others:
On 02/21/2018 11:53 AM, Peter Lebbing wrote:
> On 21/02/18 10:48, Kristian Fiskerstrand wrote:
>>>gpg: Signature made Tue May 4 23:03:11 2004 JST
>> [...]
>>
>> The author should sign the package using a more modern and secure keyblock.
> Note that not the key, but the /signature/ is made 14
On 21/02/18 11:53, Peter Lebbing wrote:
> The
> author might not be available anymore or willing to expend any effort.
(Or the author might not have a more authentic copy of the file anymore
either. This is not the reason I'm self-replying though).
> This all comes with a major caveat.
Make
On 21/02/18 10:48, Kristian Fiskerstrand wrote:
>>gpg: Signature made Tue May 4 23:03:11 2004 JST
> [...]
>
> The author should sign the package using a more modern and secure keyblock.
Note that not the key, but the /signature/ is made 14 years ago. So
we're talking about verifying the
On 02/21/2018 10:37 AM, Henry wrote:
> I downloaded a tarball ***6.4.tar.gz, it's signature file
> ***6.4.tar.gz.sig, and the author's public key **.pgp from a
> well-known site.
>
> I imported the public key: `gpg --import **.pgp`.
> For some reason, two keys were "skipped":
>gpg:
On Tue, 20 Feb 2018 20:36, n...@walfield.org said:
> "uncool". I left because we (Werner and I) could not work well
> together. This is the same reason that Justus, Kai and Marcus left.
Okay, you raised it and now my Lavamat wants to reply on this: Secret
negotiations with other companies,
I downloaded a tarball ***6.4.tar.gz, it's signature file
***6.4.tar.gz.sig, and the author's public key **.pgp from a
well-known site.
I imported the public key: `gpg --import **.pgp`.
For some reason, two keys were "skipped":
gpg: key 0C0B590E80CA15A7: 2 signatures not checked due to
On Fri 2018-02-09 16:03:01 +, Anna Kitces and Seth Fishman wrote:
> Correction. it is in libgpg-error this is happening
You can see logs of an example build on the Debian OS for gpg-error
here:
https://buildd.debian.org/status/logs.php?arch==libgpg-error
Your build is likely to differ in
14 matches
Mail list logo