Re: [gNewSense-users] gNewSense Repository PGP Key

[Karl Goetz]

On Sat, 12 Dec 2009 23:17:19 -0500
Eric Morey <address@hidden> wrote:

> On Sun, 2009-12-13 at 11:25 +1030, Karl Goetz wrote:
> > Feel free to stick it on the wiki, or suggest a location if you
> > want it under www.
> 
> Isn't a wiki an inherently bad place to post a PGP key? How could I
>  have any level of trust that it is the correct one?

if it doesn't match whats signing package lists in the archive its the
wrong key. If someones MITM'd the archive I dont see why www. or wiki.
would be any safer.
kk

-- 
Karl Goetz, (Kamping_Kaiser / VK5FOSS)
Debian contributor / gNewSense Maintainer
http://www.kgoetz.id.au
No, I won't join your social networking group

signature.asc
Description: PGP signature