From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 10731 invoked by alias); 28 May 2005 15:55:19 -0000 Mailing-List: contact gcc-help@gcc.gnu.org; run by ezmlm Precedence: bulk List-Archive: List-Post: List-Help: Sender: gcc-owner@gcc.gnu.org Received: (qmail 10721 invoked by uid 22791); 28 May 2005 15:55:15 -0000 Received: from vexpert.dbai.tuwien.ac.at (HELO vexpert.dbai.tuwien.ac.at) (128.131.111.2) by sourceware.org (qpsmtpd/0.30-dev) with ESMTP; Sat, 28 May 2005 15:55:15 +0000 Received: from [128.131.111.60] (acrux [128.131.111.60]) by vexpert.dbai.tuwien.ac.at (Postfix) with ESMTP id EBE9A13799; Sat, 28 May 2005 17:55:13 +0200 (CEST) Date: Sat, 28 May 2005 20:23:00 -0000 From: Gerald Pfeifer To: Gabriel Dos Reis Cc: imacat , GCC Subject: Re: Need GCC 3.3.6 PGP Signing Public Key In-Reply-To: Message-ID: References: <20050528043908.33F8.IMACAT@mail.imacat.idv.tw> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-SW-Source: 2005-05/txt/msg01547.txt.bz2 On Sat, 28 May 2005, Gabriel Dos Reis wrote: >| Gaby added his key to the website now, but I agree that we should make >| sure the keys are sufficiently well signed by other members of the free >| software (or open source) community. > I'm a bit surprised because I uploaded my new key last december, > shortly before signing 3.3.5. As far as I understand, it's not a question of these keys being available on a key server, but having sufficiently many signatures and proper paths of trust. For example, I could easily create a key for Gabriel Dos Reis and upload it to the key servers, or some evil hacker could do something similar. >| Many of us will meet at the GCC Summit next month in Ottawa > I'm planning to be there. Excellent. Let's make sure you'll get one or two dozen of signatures for your PGP key there! :-) Gerald