New mirror for WinPT + GnuPG installer
Michael Nahrath
gnupg-users@nahrath.de
Wed Dec 4 18:41:02 2002
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Werner Koch <wk@gnupg.org> schrieb am 2002-12-04 09:45 Uhr:
> On Wed, 04 Dec 2002 03:04:37 +0100, Michael Nahrath said:
>
>> What do the GnuPG developers think about the other installers?
>
> I do only know the installer used by winpt. I have never seen the
> other ones. But well, a ZIP file is sufficient for me ;-)
It may be sufficient for you, but you don't write GPG only for your
personal use :-)
Having a decent installer is critical for evangelization.
It may also be critical for security concerns.
I have seen guides on the web whose advice results in storing the private
key file in C:\Programs\GnuPG\ even on a multi-user W2k system - readable
for all other users.
A good installer would use the user's private directory instead (the
- -outdated- GnuPP installer does).
How about adding a link to the download section of www.gnupg.org:
"Other distributions using our code" with a disclaimer like:
"We can not guarantee for the integrity of other people's compilations.
You have to check for this on your own."?
Greeting, Michi
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.3.1 (Darwin)
iD8DBQE97j5x19dRf5pMcEwRAte9AJwI34pcHIpPQRJ2Z473Dr+cDEmlqwCfXgmO
W4chv7HcqGj0Uw57dQ15s/Y=
=wjFO
-----END PGP SIGNATURE-----D PGP SIGNATURE-----kstystyl������AAA�>