Per Olofsson wrote:
Of course, there are all sorts of security issues here involving key
distribution and the like, but the point is that it would still be
much more secure than the present situation. Establishing a trust-path
by getting your key signed would be an improvement, but it is not
Hi,
Jürgen Spitzmüller wrote:
Jean-Marc Lasgouttes wrote:
I guess we would need one key for you and one for Jose (we cannot share
a LyX key).
I have a key. But I guess it is not very authorative (due to missing counter-
signs).
Well, even if your keys are not signed by anyone, it still
Per Olofsson wrote:
> Of course, there are all sorts of security issues here involving key
> distribution and the like, but the point is that it would still be
> much more secure than the present situation. Establishing a trust-path
> by getting your key signed would be an improvement, but it is
Hi,
Jürgen Spitzmüller wrote:
> Jean-Marc Lasgouttes wrote:
>> I guess we would need one key for you and one for Jose (we cannot share
>> a LyX key).
>
> I have a key. But I guess it is not very authorative (due to missing counter-
> signs).
Well, even if your keys are not signed by anyone, it
Jürgen Spitzmüller juer...@spitzmueller.org writes:
Jean-Marc Lasgouttes wrote:
Have you thought about GPG-signing the LyX tarballs? As a Debian
packager, it would make me feel a bit safer :-)
Juergen, I think it would be an excellent idea.
What is the correct procedure to do this?
It
Jean-Marc Lasgouttes wrote:
I guess we would need one key for you and one for Jose (we cannot share
a LyX key).
I have a key. But I guess it is not very authorative (due to missing counter-
signs).
And on the server, we would just upload the sig-Files matching the tarballs?
Jürgen
Jürgen Spitzmüller writes:
> Jean-Marc Lasgouttes wrote:
>> > Have you thought about GPG-signing the LyX tarballs? As a Debian
>> > packager, it would make me feel a bit safer :-)
>>
>> Juergen, I think it would be an excellent idea.
>
> What is the correct procedure to
Jean-Marc Lasgouttes wrote:
> I guess we would need one key for you and one for Jose (we cannot share
> a LyX key).
I have a key. But I guess it is not very authorative (due to missing counter-
signs).
And on the server, we would just upload the sig-Files matching the tarballs?
Jürgen
Hi LyX developers,
Have you thought about GPG-signing the LyX tarballs? As a Debian
packager, it would make me feel a bit safer :-)
--
Pelle
[please cc me on replies]
Have you thought about GPG-signing the LyX tarballs? As a Debian
packager, it would make me feel a bit safer :-)
Juergen, I think it would be an excellent idea.
JMarc
Jean-Marc Lasgouttes wrote:
Have you thought about GPG-signing the LyX tarballs? As a Debian
packager, it would make me feel a bit safer :-)
Juergen, I think it would be an excellent idea.
What is the correct procedure to do this?
Jürgen
Hi LyX developers,
Have you thought about GPG-signing the LyX tarballs? As a Debian
packager, it would make me feel a bit safer :-)
--
Pelle
[please cc me on replies]
Have you thought about GPG-signing the LyX tarballs? As a Debian
packager, it would make me feel a bit safer :-)
Juergen, I think it would be an excellent idea.
JMarc
Jean-Marc Lasgouttes wrote:
> > Have you thought about GPG-signing the LyX tarballs? As a Debian
> > packager, it would make me feel a bit safer :-)
>
> Juergen, I think it would be an excellent idea.
What is the correct procedure to do this?
Jürgen
14 matches
Mail list logo