On Fri, Jul 03, 1998 at 03:55:16PM +0100, Jules Bean wrote: > > Also gnupg is still alpha software (as the 0.3.0 version number > > implies), there may well be bugs (in fact, just in the last hour on > > IRC, we seem to have discovered some) [But then hey, PGP has bugs, and > > the GNUpg source is 10x more usable/readable]. However I _do_ believe > > it's stable and bug-free enough to do what we need it to do as far as > > replacing PGP is concerned. > > Firstly, from a raw numbers point of view, let me put my voice behind the > idea of phasing out PGP and replacing with (any free alternative, such as) > gpg as soon as possible. As soon as possible, yes. Meaning, as soon as it's relatively stable. > It should be a no-brainer for any of our developers, since they must > support free software, or they wouldn't have got through the strenous > phone interview (James... ;-) > > How about a message posted to -priovate (which everyone reads, right?) > suggesting that people download and generate gpg keys and submit them as > soon as they can? I don't read -private. I still need to get a key signed to become a developer. Working on that still. => However, I really think this should be in -announce or -devel-announce since it affects more than just developers really. > This will take a few weeks anyhow, and when we feel confident that gpg is > secure, we can start accepting package uploads signed by gpg. Eventually, > we deprecate PGP, and start refusing it... If mutt accepts gpg now, I'll probably start playing with it in a few days.
Attachment:
pgptptrC9375n.pgp
Description: PGP signature