Szerző: Steve Drees Dátum: Címzett: exim-users Tárgy: RE: [Exim] OpenPGP signatures on Exim releases
> > I don't think that PGP signing software distributions is "over the top", > > not anymore anyway. Just witness the recent OpenSSH debacle. Really,
> > once Philip gets set up and comfortable using gpg (or whatever) it will
> > only take a few minutes each time he creates a release, plus a little
> > time here and there maintaining his keys.
>
> I'm confused. What is the difference between PGP and GPG? This thread is
> using both of them...
gpg is GNU's implementation of PGP essentially.
>
> > Of course, right now I'd rather see him finish the new edition of the
> > book, but hopefully after that he'll find some time to sit down and play
> > with PGP signing future releases.
>
> There won't be a future release until well after I've finished the book,
> so that's not an issue.
By publishing your fingerprint in the book you establish that your
fingerprint is really you. Without have to meet face to face with others.
Its an authoritative identification.