@bascule so, I just used gpg for password sharing for 1st time & I've gotta say… after the setup UX nightmare, en/decrypting was delightful.
"X.509? Nobody uses that for signing code! Everyone uses GPG! Just look at Ubuntu"
-
-
-
@listrophy the RubyGems signing system should ideally be transparent to the end users. rubygems-openpgp most certainly is *NOT* -
@bascule perhaps a ratcheting percentage scheme (eg rcov) could be employed in bundler? "20% gems must be signed." 1mo later, crank to 40% -
@listrophy need to get a universal signing system in place first, and there's still an ongoing bikeshed debate -
@bascule so you're saying it's a People Problem? ;)
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.