

RubyGem developers: sign your gem with PGP - FooBarWidget

Remember the recent Rubygems.org vulnerability? We don't want all that to happen again do we? But the responsibility lies partly on us, the gem developers.<p>The folks at Phusion have already signed most of our repositories and gems with our PGP key, which in turned is signed by the rubygems-openpgp CA. Will you be the next to sign? Go to http://www.rubygems-openpgp-ca.org/
======
crazydiamond
The page says:

> NOTE: This project is experimental in nature. Any representations regarding
> authentication or authority should be taken with a grain of salt. This
> project has no affiliation with either the rubygems project or rubygems.org

If it's experimental are there any risks ?

