[Nottingham] (no subject)
Roger Light
roger at atchoo.org
Sat Nov 21 20:02:28 UTC 2015
On Sat, Nov 21, 2015 at 4:57 PM, Rory Holland <me at rory.sh> wrote:
> As if anyone uses these for anything anyway.
For encryption I've got no arguments there, but signing is the basis
of how packages are verified on Linux distros - both when you download
from a repo and when a package maintainer uploads a new package to the
distro. Plenty of open source projects also provide signed source
tarballs.
> I did have a thought the other day: It might be cool to buy one of the new
> .pub domains just to put one's key on though. I haven't done so, but e.g.
>
> curl rory.pub | gpg --import
That does appeal to me a bit definitely :)
keybase.io is the best new view on this sort of thing that I've seen recently.
Cheers,
Roger
More information about the Nottingham
mailing list