[Openswan dev] First pass README update

Paul Wouters paul at xelerance.com
Wed Oct 13 14:28:31 EDT 2010


On Wed, 13 Oct 2010, D. Hugh Redelmeier wrote:

> While we're picking on this section, I would suggest slightly clearer
> GPG suggestion:
> 	Please use GPG (finger vuln at xelerance.com for GPG key) for this.
> =>
> 	Please encrypt your message with GPG using the public key shown by
> 	  "finger vuln at xelerance.com"

In fact, we should change it completely. First of all, that GPG key expired
a long time ago (and we'll create a new one). Second, we should just list
the fingerprint here, since the source tar ball is GPG signed, they have a
point of trust. Otherwise, they need to go through CA's and what not to look
at the cert on the website, or check more signatures on the key, etc etc.

Paul


More information about the Dev mailing list