Date: Wed, 30 Jan 2013 19:13:07 -0500 From: Glen Barber <gjb@FreeBSD.org> To: d@delphij.net Cc: svn-doc-projects@FreeBSD.org, bcr@FreeBSD.org, doc-committers@FreeBSD.org Subject: Re: svn commit: r40831 - in projects/ISBN_1-57176-407-0/en_US.ISO8859-1/books/handbook: . preface Message-ID: <20130131001307.GL1402@glenbarber.us> In-Reply-To: <510993C4.8050400@delphij.net> References: <201301301901.r0UJ1YY6051367@svn.freebsd.org> <51097B66.7080706@delphij.net> <51097FD6.20100@FreeBSD.org> <510993C4.8050400@delphij.net>
index | next in thread | previous in thread | raw e-mail
[-- Attachment #1 --] On Wed, Jan 30, 2013 at 01:42:28PM -0800, Xin Li wrote: > The reason why PGP keys should appear in printed book and DVDs is that > this establishes a way to start your trust chain with. It's wrong to > blindly trust www.freebsd.org to be offering the right keys. > > At very least, the book should have public key for the "Officers", and > probably also the fingerprint part of everyone's public key but with > public block part omitted. > I agree some keys should be included (so@, portmgr-secretary@, core-secretary@). IMHO, printing all keys is wasteful. Also, there is the problem of expired keys. For the "trust" issue, one can always build the pgp keys on a trusted system from the doc/ repository, and use that as the keyring import. Glen [-- Attachment #2 --] -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (FreeBSD) iQEcBAEBCAAGBQJRCbcTAAoJEFJPDDeguUajw0kH/2wkDPmOJ5be2tgSEkD6WbtY avqaQ9d5090es2hOqeSDo5M/+VDtJ8rPfhr2vDrWvbxYQ9KdxMlsAO5EIn+9zfpd ojjhkqrlqQntLFSys6a9XX1/csd8hZOXaZZTahJjym8yHnOx0lbqcpAotKkNPtJF nrqKdoRkjsRTOHb/tNJX1jal4vkkv10YMIlIgQjhVm5b9BQmxpz2l4t+xbOoG3ek NFJikNEw2Gs2/Y8PKxDWrBRQpGZF5unAbN7ZbzG0USMZtSHY6YuUYet7egjky81T wQuFkD4IzQMwRJf3PCAVINo7FVO1yhEOEBLNPkQ7RAxqBkcijYI16t2/zn23BsI= =1oKM -----END PGP SIGNATURE-----help
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20130131001307.GL1402>