On Fri, 2006-03-31 at 13:27 -0500, Paul W. Frields wrote: > > Click-throughs are passive, people can do them without thought. The > > sign-the-CLA-with-GPG is active. > > But I agree that GPG signing emails is just frills compared with the > CLA. No reason people should go through that pain if they don't care. > I've been using PGP/GPG so long that I don't, but it's obviously a > significant barrier to some people, and since it's not necessary outside > the CLA, we should remove or demote it like you said. My ~$0.02. FWIW, when I wrote that line I had a couple of things in mind: 1) Since in practice you need a GPG key and a Linux box to contribute, and the default GNOME mail client (Evolution) enables GPG with one setting, signed e-mail is almost free (I thought). Kmail has GPG support as well, I believe. 2) Doing the Right Thing: without some kind of signature, an e-mail just isn't trustworthy, even though most people do assume the "From:" field can be trusted. Which is slightly worrying, and something that I have to explain semi-regularly as people receive infected or phish mails. With a project like this, where contributors often only interact through IRC and e-mail, signed mail is particularly valuable IMO. Of course I hadn't looked at Thunderbird... It appears that the versions of Enigmail provided by the developer are often incompatible with Thunderbird builds provided by Fedora, and there isn't a package in the Fedora repositories for Enigmail. -- Stuart Ellis stuart@xxxxxxxx Fedora Documentation Project: http://fedora.redhat.com/projects/docs/ GPG key ID: 7098ABEA GPG key fingerprint: 68B0 E291 FB19 C845 E60E 9569 292E E365 7098 ABEA
Attachment:
signature.asc
Description: This is a digitally signed message part
-- fedora-docs-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-docs-list