How to get your first key signed
faramir.cl at gmail.com
Sat Oct 3 00:55:28 CEST 2015
-----BEGIN PGP SIGNED MESSAGE-----
El 30-09-2015 a las 14:17, David Niklas escribió:
> Now, I'm a student (think penny less), and live in a rural area
> 100mi from the nearest LUG and people out here are _very_ computer
Well, I live in the capital city of my country, I studied IT related
stuff, and yet... most signatures on my key are not from people I've
met in person. You'll see, most people I've met in person don't know
what an OpenPGP key is, and the few that know, can't care less about them.
> They just don't believe in security around here (Oh, that would
> never happen to me! There are laws against that! You are a
> security freak.)
I know that feeling.
> I want to develop FOSS and feel obligated to get a key to protect
> uses of the software I'm modifying from MITM attacks.
Well, you don't really need your key signed for that... at least,
not the key with your name on it. You can make a key using the name
"mysoftwarename distribution key", and use it to sign the files. Once
people start using the software, they may sign the key. They don't
know who is behind the key, but they will know it is the same key that
has been using since day 1.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
-----END PGP SIGNATURE-----
More information about the Gnupg-users