[HOME] [DOWNLOAD] [DOCS] [NEWS] [SUPPORT] [TIPS] [ISSUES] [Priority Support]

Checking GPG fingerprints may fool users. Solution included.


#1

A discussion between a Tahoe-LAFS dev and someone shows that showing fingerprints may have loophole that deceives verifiers. A small GPL’d script was written to protect against this. Are we vulnerable to what is described? If so we can add the code and probably fix the wiki instructions.


#2

In scripts, no, we are using gpg with --status-file and parse that. Not using grep.

Good time to mention: