[pmwiki-users] Infected Cookbook Recipes?
Martin Fick
mogulguy at yahoo.com
Mon Sep 22 09:31:22 CDT 2008
But in order to sign the files, the public key for the signature would have to be posted somewhere! Perhaps the author's profile page would be a good place to put that, the author could password protect this page? But if we do that, why not simply put the MD5 hashes on the author's profile page instead?
-Martin
--- On Mon, 9/22/08, Christophe David <pmwiki at christophedavid.org> wrote:
> From: Christophe David <pmwiki at christophedavid.org>
> Subject: Re: [pmwiki-users] Infected Cookbook Recipes?
> To: "Hans" <design5 at softflow.co.uk>
> Cc: "PmWiki Users" <pmwiki-users at pmichaud.com>
> Date: Monday, September 22, 2008, 9:12 AM
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> > But it is quite a bit of extra work, and it forces a
> user to install
> > GPG in order to use the recipe.
>
> No: the user gets a .zip file containing the recipe that
> can be used
> directly. If *and only if* he wants to validate it, he can
> use GPG.
>
> The developer would just upload a zip file instead of a php
> file.
>
> Many files are already distributed on the internet with a
> signature
> file: look for example at PasswordSafe on
>
> http://sourceforge.net/project/showfiles.php?group_id=41019&package_id=33169&release_id=623132
>
> http://passwordsafe.sourceforge.net/
>
> Each file is supplied with a signature.
>
> Christophe
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.6 (GNU/Linux)
>
> iD8DBQFI15nKyu9YWMK6LU8RAvjoAJ0RYYZ6bx1Vem3XWcwvitcUDttv4wCggaxR
> JmuczuYKnBa2whdQjG0d7yY=
> =A/sn
> -----END PGP SIGNATURE-----
>
> _______________________________________________
> pmwiki-users mailing list
> pmwiki-users at pmichaud.com
> http://www.pmichaud.com/mailman/listinfo/pmwiki-users
More information about the pmwiki-users
mailing list