-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 El 30-09-2015 a las 14:17, David Niklas escribió: > Hello,
Hello, > Now, I'm a student (think penny less), and live in a rural area > 100mi from the nearest LUG and people out here are _very_ computer > illiterate Well, I live in the capital city of my country, I studied IT related stuff, and yet... most signatures on my key are not from people I've met in person. You'll see, most people I've met in person don't know what an OpenPGP key is, and the few that know, can't care less about them. ... > They just don't believe in security around here (Oh, that would > never happen to me! There are laws against that! You are a > security freak.) I know that feeling. > I want to develop FOSS and feel obligated to get a key to protect > uses of the software I'm modifying from MITM attacks. Well, you don't really need your key signed for that... at least, not the key with your name on it. You can make a key using the name "mysoftwarename distribution key", and use it to sign the files. Once people start using the software, they may sign the key. They don't know who is behind the key, but they will know it is the same key that has been using since day 1. Best Regards -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQEcBAEBCAAGBQJWDwtfAAoJEMV4f6PvczxAQNwH/3KJh71XeuE9up7WJ8xldYAR 7lwR7PcpGxDfUTavDc+BFaAnAYEt2l2Iqt7zgMsSApzKBKCBimOKvgpEIzn13FS5 FABoGrnTmoUZEptX1bB5yqzZloB6p625HntCzJXQhDC7wm67m9H/RvAtNtcaT5xk WxQRyY/rKLLTFppTNbJ8V4lO2M1W7tsHLpFyuQL48Jy/1enMCRne1IWfrUEOdJIx AzAnMPcIENmIec2fq9uK33H+YvJLxKU1WHcxkKDK825aTT69ZAtCrBjPpv+rFLob TzI7D+mfGq7rTba68wZkshFgQdAzbFK2FJJhI4riHLe0txifno3fvEKjDrlyvL4= =88BB -----END PGP SIGNATURE----- _______________________________________________ Gnupg-users mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnupg-users
