Aloha,
I agree that signing emails is a good idea. In the doc I am writing
I have kept it in and am using the instructions on how to set it up from
the website.
Mahalo,
Edward
On Sat, 2006-04-01 at 11:29 +0100, Stuart Ellis wrote:
On Fri, 2006-03-31 at 13:27 -0500, Paul W. Frields wrote:
> > Click-throughs are passive, people can do them without thought. The
> > sign-the-CLA-with-GPG is active.
>
> But I agree that GPG signing emails is just frills compared with the
> CLA. No reason people should go through that pain if they don't care.
> I've been using PGP/GPG so long that I don't, but it's obviously a
> significant barrier to some people, and since it's not necessary outside
> the CLA, we should remove or demote it like you said. My ~$0.02.
FWIW, when I wrote that line I had a couple of things in mind:
1) Since in practice you need a GPG key and a Linux box to contribute,
and the default GNOME mail client (Evolution) enables GPG with one
setting, signed e-mail is almost free (I thought). Kmail has GPG support
as well, I believe.
2) Doing the Right Thing: without some kind of signature, an e-mail just
isn't trustworthy, even though most people do assume the "From:" field
can be trusted. Which is slightly worrying, and something that I have to
explain semi-regularly as people receive infected or phish mails. With a
project like this, where contributors often only interact through IRC
and e-mail, signed mail is particularly valuable IMO.
Of course I hadn't looked at Thunderbird... It appears that the versions
of Enigmail provided by the developer are often incompatible with
Thunderbird builds provided by Fedora, and there isn't a package in the
Fedora repositories for Enigmail.
--
fedora-docs-list mailing list
fedora-docs-list(a)redhat.com
To unsubscribe:
https://www.redhat.com/mailman/listinfo/fedora-docs-list