Signing the gem with a PGP key

Hongli Lai hongli at phusion.nl
Mon Mar 11 19:57:00 UTC 2013


After the recent Rubygems.org hack it became clear that somethings
needs to be done about authenticating gems. One of the efforts that
was launched is http://www.rubygems-openpgp-ca.org/. We at Phusion
have just finished signing all our gems and repositories with our PGP
key, and our PGP key has been verified and signed by this CA.

It would be great if Unicorn can participate as well by signing future
releases. If you already use GnuPG then the process is extremely
straightforward.

-- 
Phusion | Ruby & Rails deployment, scaling and tuning solutions

Web: http://www.phusion.nl/
E-mail: info at phusion.nl
Chamber of commerce no: 08173483 (The Netherlands)


More information about the mongrel-unicorn mailing list