Mikkel L. Ellertson wrote:
Let me see - The Gnupg package is included with Fedora. RPMs are
signed with a GPG key - each version has its own key. The extra
repositories have their own keys. When their was a possibility that
the keys had been compromised, new keys were issued. It is not like
Fedora isn't already using gpg...

About the only change I can see would be signing the files needed to
do a network install...

I was talking about the community more, than about the repos. Is GnuPG widely used in the community? How about the people from M$ world?

Again: promoting GnuPG would promote:
* GNU
* free software
* security and authenticity
* bazaar model
* mutual trust
all at the same time.

Maybe that would be better than to sit and wait for Microsoft/whatever to sell everybody his X.509.... Wide use of encryption/digital signatures will come sooner or later, I guess.

STF

=======================================================================
http://eisenbits.homelinux.net/~stf/
OpenPGP: 9D25 3D89 75F1 DF1D F434  25D7 E87F A1B9 B80F 8062
=======================================================================

Attachment: signature.asc
Description: OpenPGP digital signature

-- 
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines

Reply via email to