On 2016-04-18 22:12, Mojca Miklavec wrote:
> I have a problem understanding those rules because we are not dealing
> with encrypted information, but merely use the same algorithms to
> verify authenticity of the packages. On the other hand I have problems
> believing that this problem really
On Mon, 18 Apr 2016, Mojca Miklavec wrote:
> This seems to be a problem for GPG though. Apparently USA export
> restrictions forbid exporting software that does cryptography (and
> some other countries might have import restrictions).
That's largely ancient history.
> I have a problem
On Mon, Apr 18, 2016 at 4:12 PM, Mojca Miklavec wrote:
> Apparently USA export
> restrictions forbid exporting software that does cryptography
Umm, ITAR's had an OSS exemption for years. Are you reading old information?
> (and
> some other countries might have import
Hi,
I have a weird question. I know that MacPorts has been signing all the
packages for a long time already.
I'm currently involved with a project where one developer recently
implemented package signing. On the client level it uses the "gpg" or
"gpg2" binary to verify packages.
It works