[clo-devel] Re: Please upload your public GPG key to common-lisp.net
nikodemus at random-state.net
Thu Nov 6 18:38:40 UTC 2003
On Thu, Nov 06, 2003 at 08:49:05AM -0700, Kevin Rosenberg wrote:
> I'd recommmend keymaster at cl.net and have a web page which describes
> the criteria for a key to be signed by the keymaster key. (I'd reserve
> you signing keys with your personal key for those owners with whom you
> meet in person and look at their photo id.
Ok. This makes more sense then admin as recipient. ;)
> Alternately, you can do like Debian and create a keyring file which
> contains the public key which cl.net trusts and publish that file so
> that downloaders of cl.net files can verify the signature of that file
> against the keys that are in the trusted keyring file. Then, there is
> no need for cl.net to sign any keys.
I think the signing can be better for now at least: it creates more
crypto-awareness in the community, and helps in kickstarting a web of
trust. Or so I hope.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 189 bytes
Desc: not available
More information about the clo-devel