I've just been reading some rather silly things about gnupg except for one practical point: Who has actually checked the source code for it to see whether it's trustworthy, etc? And, of course, the next thing would be: Who would they be that we could trust them, too? After a bit of Googling around, I'm darned if I can find out, nor think of the right terms to search for. Naturally, this extends to other open-source programs. Which ones do get vetted? -- (Currently running FC4, occasionally trying FC5.) Don't send private replies to my address, the mailbox is ignored. I read messages from the public lists.
