-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
> I think we should PGP sign all the "official" packages that are > provided for download from the various mirror sites. Doesn't anyone around here read pgsql-general? :) I've been arguing for this over there since June of last year. I've also been signing the checksums with PGP and posting those to the mailing list. If this is done (and I am very glad to see a renewed interest forming), I'd like to see it done the correct way - it's too easy to get this wrong and could actually decrease the security of the project by providing a false sense of security. I think this list would be a good place to discuss how it would be implemented. - -- Greg Sabino Mullane [EMAIL PROTECTED] PGP Key: 0x14964AC8 200302030948 -----BEGIN PGP SIGNATURE----- Comment: http://www.gtsm.com/pgp.html iD8DBQE+PoGQvJuQZxSWSsgRAinkAJ9HViGZIfWVvX8RswLsNfec7ln6yQCfbO+L WjSKSr61QKkfpL6Ax0vt4Ag= =0MK8 -----END PGP SIGNATURE----- ---------------------------(end of broadcast)--------------------------- TIP 5: Have you checked our extensive FAQ? http://www.postgresql.org/users-lounge/docs/faq.html
