On Sat, Aug 15, 2015 at 12:39 PM, Felipe Augusto van de Wiel (faw) < f...@funlabs.org> wrote:
> -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA512 > > On 15/08/15 12:18, alberto fuentes wrote: > > > > What I'm wondering is if we are doing a "Distribute KSP", why > we don't check the hash also in a distributed way? By sharing > your hash when you are exchanging info to sign a key or by > sharing it publicly via people.debian.org, IRC, a mail list > thread, or even microblogging, anywhere you can say "here's my > hash, it matches anibal's hash". > The whole point to check the hash is so you only have to do it once... Otherwise, if you are going to do it with every person, you better check the fingerprint of that person instead :P
_______________________________________________ Debconf-discuss mailing list Debconf-discuss@lists.debconf.org http://lists.debconf.org/mailman/listinfo/debconf-discuss