[wrong] Killing the PGP web of trust
Karl
gmkarl at gmail.com
Tue Jun 22 17:45:18 PDT 2021
I glanced through https://news.ycombinator.com/item?id=27586146 which has
some dialog with a debian supporter of the new non-pgp system.
The plan appears to be to store the new keys in files (e.g. installation
media) that is still pgp-signed (not certain) at this point, since the
change is only for apt and not media images.
So things can still be verified fully using the web of trust, but the
process for doing that is still an obscure and bloated one without tooling.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: text/html
Size: 649 bytes
Desc: not available
URL: <https://lists.cpunks.org/pipermail/cypherpunks/attachments/20210622/f36ded97/attachment.txt>
More information about the cypherpunks
mailing list