(Yes i realize the irony of not attaching my own) [1]
So crux 3.3 is approaching and with that release we will introduce
signify[2] as a way to do checksum and signing. To start with, core, opt
and xorg will be signed. And to allow all these ports to be signed, we
must distribute the private key t
[2016-10-11 11:05] Fredrik Rinnestam
>
> So please reply and attach your public keys if you maintain ports in
> either opt or xorg!
... and then transmit the fingerprint over a second channel, or at
least ensure good trust paths to the keys. Otherwise it's a leap
of faith.
meillo
__
On 2016-10-11 11:15, markus schnalke wrote:
> [2016-10-11 11:05] Fredrik Rinnestam
>>
>> So please reply and attach your public keys if you maintain ports in
>> either opt or xorg!
>
> ... and then transmit the fingerprint over a second channel, or at
> least ensure good trust paths to the keys.
(Tue, 11 Oct 11:05) Fredrik Rinnestam:
> So please reply and attach your public keys if you maintain ports in
> either opt or xorg!
and contrib?
--
I am not a native English speaker,
so feel free to correct any spelling or grammatical errors!
signature.asc
Description: PGP signature
_
On Tue, 11 Oct 2016 13:27:26 +0200
Fredrik wrote:
>>> So please reply and attach your public keys if you maintain ports in
>>> either opt or xorg!
>>
>> ... and then transmit the fingerprint over a second channel, or at
>> least ensure good trust paths to the keys. Otherwise it's a leap
>> of fait
