On Sat, 28 May 2005, Gabriel Dos Reis wrote: >| Gaby added his key to the website now, but I agree that we should make >| sure the keys are sufficiently well signed by other members of the free >| software (or open source) community. > I'm a bit surprised because I uploaded my new key last december, > shortly before signing 3.3.5.
As far as I understand, it's not a question of these keys being available on a key server, but having sufficiently many signatures and proper paths of trust. For example, I could easily create a key for Gabriel Dos Reis <[EMAIL PROTECTED]> and upload it to the key servers, or some evil hacker could do something similar. >| Many of us will meet at the GCC Summit next month in Ottawa > I'm planning to be there. Excellent. Let's make sure you'll get one or two dozen of signatures for your PGP key there! :-) Gerald
