[HOME] [DOWNLOAD] [DOCS] [NEWS] [SUPPORT] [TIPS] [ISSUES] [DONATE]

Checking GPG fingerprints may fool users. Solution included.

A discussion between a Tahoe-LAFS dev and someone shows that showing fingerprints may have loophole that deceives verifiers. A small GPL’d script was written to protect against this. Are we vulnerable to what is described? If so we can add the code and probably fix the wiki instructions.

2 Likes

In scripts, no, we are using gpg with --status-file and parse that. Not using grep.

Good time to mention:

3 Likes
[Imprint] [Privacy Policy] [Cookie Policy] [Terms of Use] [E-Sign Consent] [DMCA] [Investors] [Priority Support] [Professional Support]