> Can you dismiss PKI and the benefits that OpenPGP signatures provide to your
> user community? Knowing that xyz binary is signed by OpenBSD for
> distribution or abc email came from an official OpenBSD source is a good
> thing. Trojaned binaries and forged emails happen. PKI can help mitigate
> this. The benefit of PKI is widely known and accepted and does not need to
> be rehashed here. I'm surprised that OpenBSD (the most secure OS I know of)
> does not use it, that's all I'm saying. I also thought there would be a real
> reason for not doing so and there may in fact be and I may just be unaware
> of it.
If you want a secure binary. buy an official CD.. This is
what most people do. PKI requires infrastructure that would cost OpenBSD
money and developer time. Official CD's keep OpenBSD alive.
Oh wait, we should devote resources to people who care about
security, just not enough to spend $50 on it.. Yeah. I'll get right
on that.
-Bob
