Remember, 'signing gems' is a panacea.
-
-
Replying to @steveklabnik
.
@steveklabnik what about "signing a list of hashes"? One app handling signatures, multiple repositories, no multiple key mgmt or WoT.1 reply 0 retweets 0 likes -
Replying to @steveklabnik
@steveklabnik I'm a security geek, so my ideas are biased. But I'd love to help :)3 replies 0 retweets 0 likes -
Replying to @gcouprie
@gcouprie@steveklabnik see this specifically: https://github.com/rubygems-trust/rubygems.org/issues …3 replies 0 retweets 0 likes -
Replying to @bascule
@bascule@steveklabnik proposal published: https://github.com/rubygems-trust/rubygems.org/issues/10 … And now I'm off to bed, waiting for tomorrow's comments/trolls :)2 replies 0 retweets 0 likes
@gcouprie @steveklabnik fully decentralized trust is hard, but a problem I'm working on: https://github.com/tarcieri/cryptosphere …
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.