[Nottingham] (no subject)

Roger Light roger at atchoo.org
Sat Nov 21 20:02:28 UTC 2015

On Sat, Nov 21, 2015 at 4:57 PM, Rory Holland <me at rory.sh> wrote:

> As if anyone uses these for anything anyway.

For encryption I've got no arguments there, but signing is the basis
of how packages are verified on Linux distros - both when you download
from a repo and when a package maintainer uploads a new package to the
distro. Plenty of open source projects also provide signed source

> I did have a thought the other day: It might be cool to buy one of the new
> .pub domains just to put one's key on though. I haven't done so, but e.g.
> curl rory.pub | gpg --import

That does appeal to me a bit definitely :)

keybase.io is the best new view on this sort of thing that I've seen recently.



More information about the Nottingham mailing list