What is the benefit of doing so? What's the point? Is the website so likely to be hacked into, that the developers need to sign all communication just to ensure that it comes from them? There's absolutely no need to signing errata or official communications. Name one justifiable use for them. If the OpenBSD developers didn't care about "secure communications", then OpenSSH would not exist.
On Dec 5, 2007 3:03 PM, new_guy <[EMAIL PROTECTED]> wrote: > Lars Hansson-5 wrote: > > > > No. OpenBSD doesn't sign code. > > > > --- > > Lars Hansson > > > > Oh that surprises me, are OpenPGP signatures used for anything? Errata, > official communication, etc... maybe this is a stupid question, by it > seems > everyone does it these days... even small software projects. Not being > critical of OpenBSD (I love it and buy CDs) just curious as to the > reasoning > for not using pgp/gpg keys to sign stuff, secure communication, etc. > > > -- > View this message in context: > http://www.nabble.com/Code-signing-in-OpenBSD-tf4947207.html#a14173498 > Sent from the openbsd user - misc mailing list archive at Nabble.com.
