Re[2]: [Exim] OpenPGP signatures on Exim releases

Page principale
Supprimer ce message
Répondre à ce message
Auteur: Richard Welty
Date:  
À: exim-users
Sujet: Re[2]: [Exim] OpenPGP signatures on Exim releases
On Thu, 10 Oct 2002 09:25:42 +0100 (BST) Philip Hazel <ph10@???> wrote:

> On 9 Oct 2002, Jeffrey C. Ollie wrote:


> > I don't think that PGP signing software distributions is "over the
> top",
> > not anymore anyway. Just witness the recent OpenSSH debacle. Really,
> > once Philip gets set up and comfortable using gpg (or whatever) it will
> > only take a few minutes each time he creates a release, plus a little
> > time here and there maintaining his keys.


> I'm confused. What is the difference between PGP and GPG? This thread is
> using both of them...


PGP == Pretty Good Privacy
descended from the original code, eventually became a commercial
product, borged by Network Associates, and now being retired by them
because they don't understand how to market it. the original Un*x
source code is still around. there are licensing issues.

GPG == GNU Privacy Guard
a GPL reimplementation of PGP

GPG is the actual tool set you will wish to use, i should think.

> > Of course, right now I'd rather see him finish the new edition of the
> > book, but hopefully after that he'll find some time to sit down and
> play
> > with PGP signing future releases.


> There won't be a future release until well after I've finished the book,
> so that's not an issue.


although you could publish signatures for the 4.10 release anytime you
want to. when the book wears you down and you need a break, you might make
a couple of hours to look at gpg.

richard
--
Richard Welty
rwelty@???                                 Averill Park Networking
rwelty@???           Unix, Linux, IP Network Engineering, Security
rwelty@???                                     518-573-7592