On Thu, Jun 5, 2014 at 5:12 PM, PID0 <p1dz3r0@xxxxxxxxx> wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > We'd likely have to hash the binaries (with SHA512) and then digitally > sign the hashes. > That makes sense. I think it's pretty clear you have a better feel for security than I do. I think we should figure out a straw-man set of initial devs. I don't know if there should be a "tech lead" dev, but if we have one, I nominate you. The next guy I'm impressed with most is Frank, though I don't know if we need a 1st, 2nd, 3rd sort of ranking. He's doing better work than me, though. I'd like to be one of the core devs, but if a couple more guys show up with more cred then me, I'll step aside. I think 3-5 is optimal. If you guys agree, would the current list include: Chris - possible tech lead? Frank Bill I believe both Stephen and Niklas are a bit inexperienced (for now) to be core devs, but I am often mistaken! There was another guy who sounded really good who is off doing a derivation of all the source from way back in the early days of TrueCrypt, and if he shows up, I think he'd be a great candidate. Should we have a quick vote or something like that to informally get started? Bill