:: Re: [DNG] Beowulf Beta is here!
Pàgina inicial
Delete this message
Reply to this message
Autor: Adrian Zaugg
Data:  
A: dng
Assumpte: Re: [DNG] Beowulf Beta is here!


On 22.03.20 13:02, Dan Purgert wrote:
> On Mar 21, 2020, Adrian Zaugg wrote:
> The entire point of the public key is that it can be obtained over any
> insecure medium, and still provide the correct signature verification.


That is true, yes. But if you get other keys in your keystore than you
really wanted, packages do verify that you don't want that they do. You
need to verify imported keys, that they belong to the one you think they
should. That's why I suggested to use a https-secured link, because at
least the server gets identified through the certificates.

Regards, Adrian.