On Thu, 10 Oct 2002 09:25:42 +0100 (BST) Philip Hazel <ph10@???> wrote:
> On 9 Oct 2002, Jeffrey C. Ollie wrote:
> > I don't think that PGP signing software distributions is "over the
> top",
> > not anymore anyway. Just witness the recent OpenSSH debacle. Really,
> > once Philip gets set up and comfortable using gpg (or whatever) it will
> > only take a few minutes each time he creates a release, plus a little
> > time here and there maintaining his keys.
> I'm confused. What is the difference between PGP and GPG? This thread is
> using both of them...
PGP == Pretty Good Privacy
descended from the original code, eventually became a commercial
product, borged by Network Associates, and now being retired by them
because they don't understand how to market it. the original Un*x
source code is still around. there are licensing issues.
GPG == GNU Privacy Guard
a GPL reimplementation of PGP
GPG is the actual tool set you will wish to use, i should think.
> > Of course, right now I'd rather see him finish the new edition of the
> > book, but hopefully after that he'll find some time to sit down and
> play
> > with PGP signing future releases.
> There won't be a future release until well after I've finished the book,
> so that's not an issue.
although you could publish signatures for the 4.10 release anytime you
want to. when the book wears you down and you need a break, you might make
a couple of hours to look at gpg.
richard
--
Richard Welty
rwelty@??? Averill Park Networking
rwelty@??? Unix, Linux, IP Network Engineering, Security
rwelty@??? 518-573-7592
