On Wed, 12 May 2004, Simon J. Gerraty wrote:
> Why does it need to be gpg or even gpg like?  You can use
> and openssl command line to generate a sig (though its lame that
> you have to extract the pubkey from a cert).

Maybe because we understand gpg (pgp) now, plus are building up a web of
trust for it.

Admitting I'm OpenSSL/crypto-clueless, can you show some examples of how
 * creating a private/public key pair
 * signing a package (file)
 * signing a key
would work with OpenSSL?

 - Hubert

-- 
Hubert Feyrer <hubert@feyrer.de>