Fedora Magazine - Pitch: GPG
opensource at till.name
Mon Jan 11 17:38:29 UTC 2016
as a disclaimer: I am not so much experienced with marketing, but I have
some generic/technical ideas.
On Sun, Jan 10, 2016 at 03:56:59PM -0500, charles profitt wrote:
> I have put up an outline for a potential magazine article.
Not sure, if you plan to address this, but here are some questions that
I would try to answer in such a posting:
* Why should I use GPG/why do I need it?
* Despite protecting E-Mail and Jabber communication this should
also mention protection of software. For example package
maintainer should use it to verify the source code coming from
* How does Fedora use it?
* IMHO one important fact about Fedora is that we protect nearly all
deliverables with GPG, i.e. ISO images, VM images and RPMS. Only
Fedora Rawhide is not always completely signed. See for example:
* Also FAS allows to store a GPG fingerprint to be able to recover
an account in case of lost e-mail access and password. It
currently say GPG key id, but it will be the fingerprint with the
* And GPG keys from FAS accounts are available via DNSSEC using the
openpgpkey tool (in package hash-slinger)
* maybe more?
* How do I manage GPG keys in RPM/DNF?
* This would be something specific to Fedora that is not found in
Then there are important technical aspects, that one should consider:
And other topics could be using smartcards/tokens to protect the key or
using GPG keys for SSH authentication.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 819 bytes
Desc: not available
More information about the marketing