Hi,
sajolida wrote (14 May 2011 20:27:42 GMT) :
> I had a look at possible GnuPG options for Windows user. The one
> recommended by gnupg.org is Gpg4win. It doesn't work under Wine so I
> couldn't test it so far. But for sure, it doesn't have a valid
> mainstream HTTPS certificate ;) We could decide to mirror a
> « trusted » version of it but I fear we don't feel like doing so.
Ok.
> I agree with that. The GnuPG option seems similarly easy for Linux/Gnome
> users. So we could do instead:
> - Using our OpenPGP key with Gnome (recommended, Linux: Tails, Ubuntu,
> Debian, Fedora, etc.)
> That would be the Seahorse + Nautilus right-click technique
> - Using Firefox (easy, Windows & MAC)
> That would be the fail-over SHA-256 technique for Windows users
> - Using our OpenPGP key without Gnome (advanced, Linux)
> Same as the actual one
> If we go for that, we would still need to add the SHA-256 sum on the
> download page but we could remove the .iso.sha256 file from the
> torrent and mirror servers.
Ack, sounds great. Make sure you adapt the release_process page
accordingly when you implement this on the download page.
>> => I'm rather in favour of removing the SHA-256 method.
> It would be half-removed then ;)
Right :)
Bye,
--
intrigeri <intrigeri@???>
| GnuPG key @ https://gaffer.ptitcanardnoir.org/intrigeri/intrigeri.asc
| OTR fingerprint @ https://gaffer.ptitcanardnoir.org/intrigeri/otr.asc
| Do not be trapped by the need to achieve anything.
| This way, you achieve everything.