[Openswan dev] First pass README update

Harald Jenny harald at a-little-linux-box.at
Thu Oct 14 02:57:18 EDT 2010


On Wed, Oct 13, 2010 at 08:02:48PM -0400, Paul Wouters wrote:
> On Wed, 13 Oct 2010, Harald Jenny wrote:
> 
> >>In fact, we should change it completely. First of all, that GPG key expired
> >>a long time ago (and we'll create a new one). Second, we should just list
> >>the fingerprint here, since the source tar ball is GPG signed, they have a
> >>point of trust. Otherwise, they need to go through CA's and what not to look
> >>at the cert on the website, or check more signatures on the key, etc etc.
> >
> >Will the key be put into GPG/PGP network too?
> 
> Of course.

Well I guess it's far more common to get a key from the keyservers than finger
it so maybe we should skip this then ;-)?

> 
> Paul

Harald


More information about the Dev mailing list