[Openswan dev] First pass README update
Paul Wouters
paul at xelerance.com
Wed Oct 13 20:02:48 EDT 2010
On Wed, 13 Oct 2010, Harald Jenny wrote:
>> In fact, we should change it completely. First of all, that GPG key expired
>> a long time ago (and we'll create a new one). Second, we should just list
>> the fingerprint here, since the source tar ball is GPG signed, they have a
>> point of trust. Otherwise, they need to go through CA's and what not to look
>> at the cert on the website, or check more signatures on the key, etc etc.
>
> Will the key be put into GPG/PGP network too?
Of course.
Paul
More information about the Dev
mailing list