[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: digital signatures
From: |
Przemek Klosowski |
Subject: |
Re: digital signatures |
Date: |
Thu, 1 Apr 2004 13:51:58 -0500 (EST) |
Steve,
I am not denying that digital signatures are good; I am just saying
that there's not enough infrastructure in the world at large to use
them exclusively. Doing only gpg sigs will leave out everyone who
doesn't have the setup; I am arguing to do both!
You definitely gloss over the problem of not having the gpg/pgp
infrastructure on the client end. It's one thing to have John do 'gpg
--sign', but you then have to tell everyone to
- get gpg if they don't already have it
- find and import John's public key
- check the signatures.
In fact, it'd be easier to do that by packaging octave in RPM
packages, because it's easier to explain (get John's key, rpm -Uvh).
RPM, for all its warts, actually covers quite a range of systems.
I wonder if there's a windows port?