[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Netscape finally issuing md5sums/pgp signed binaries ? (was Re: NetScape's dependence upon RSA down for the count!)

>   Yes, I get the idea about spewing the signed hashes everywhere.  The
> problem I have is with the user of PGP.  That will help cypherpunks,
> but does absolutely nothing for most of our millions of users, who
> have no idea what PGP is.  Perhaps its enough to assume that if anyone
> is tampering with the distribution, some cypherpunk will stumble across
> it...

If nothing else, Jeff, it will expose those "millions of users, who
have no idea what PGP is" to PGP.  And, hopefully, some of those
"millions of users" might even take the time to grab PGP and take a
look at that, too.

In other words, there is nothing to lose (except a little bit of time
and effort, and a small amount of storage space) and there is a heck
of a lot to gain by including PGP signatures.