Very Computer

I was just thinking about how cool it would be to have PGP
signatures for Linux software.  Source, executables, etc.
It would then be safer to FTP, and promote general system
security.

I understand things like CRC numbers aren't enough.

Are there distributions out that do this already?  I'd be
interested.

Quote:>I was just thinking about how cool it would be to have PGP
>signatures for Linux software.  Source, executables, etc.
>It would then be safer to FTP, and promote general system
>security.

>I understand things like CRC numbers aren't enough.

>Are there distributions out that do this already?  I'd be
>interested.

It would be a good idea except for one problem:  U.S. ITAR regulations would
make it difficult for U.S. based distributors to legally export PGP signed
files (although I think it's perfectly legal to send PGP encrypted messages
and signatures outside of the U.S. as opposed to crypto software, the State
Department and No Such Agency have more money and more lawyers than most
freeware authors and distributors.)  Yes, it is a moronic law, but if you
don't think the feds take this law seriously, talk to Phil Zimmermann.

Doug Holland

--
------------------------------------------------------------------------------