Re: [dev] dl.suckless.org file integrity github project

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]

From: Aaron Toponce <aaron.toponce_AT_gmail.com>
Date: Fri, 25 Aug 2017 10:00:29 -0600

On Fri, Aug 25, 2017 at 08:12:12AM +0200, Anselm R Garbe wrote:
> - (optional) repo owners/maintainers should sign their future git tags
> for release creation by using their own private PGP key.

Optionally, for those who don't want to use OpenPGP, the author of libsodium
created Minisign back in 2015. It only signs and verifies, and does not do any
encryption or decryption, but it might be worth looking into for those who
don't want to rely on OpenPGP keys.

https://github.com/jedisct1/minisign

-- 
. o .   o . o   . . o   o . .   . o .
. . o   . o o   o . o   . o o   . . o
o o o   . o .   . o o   o o .   o o o

application/pgp-signature attachment: signature.asc

Received on Fri Aug 25 2017 - 18:00:29 CEST

This archive was generated by hypermail 2.3.0 : Fri Aug 25 2017 - 18:12:21 CEST