11 Mar '13, 3pm
We're working on signing all our software packages and gems. So should you.
Digital Signatures & Cryptography We make it easy for you to take security seriously. We strongly believe in protecting the authenticity and integrity of our communications and our software. It is for this reason that we employ the use of PGP digital signatures . Using our PGP keys, you can verify the authenticity and integrity of all emails and files that we publish to you or to the world. Software signing key We use Phusion Software Signing <[email protected]> for signing our software packages, e.g. gems and tarballs: Short key ID: 0x0A212A8C Long key ID: 0x2AC745A50A212A8C Fingerprint: D5F0 8514 2693 9232 F437 AB72 2AC7 45A5 0A21 2A8C This key is also stored at sks-keyservers.net and keyserver.ubuntu.com . The Phusion Software Signing key is only used for signing software. It's never used for signing emails or for encrypting files, so please be suspicious if y...