:: Re: [DNG] Beowulf Beta is here!
Página superior
Eliminar este mensaje
Responder a este mensaje
Autor: Adrian Zaugg
Fecha:  
A: dng
Asunto: Re: [DNG] Beowulf Beta is here!


On 22.03.20 13:02, Dan Purgert wrote:
> On Mar 21, 2020, Adrian Zaugg wrote:
> The entire point of the public key is that it can be obtained over any
> insecure medium, and still provide the correct signature verification.


That is true, yes. But if you get other keys in your keystore than you
really wanted, packages do verify that you don't want that they do. You
need to verify imported keys, that they belong to the one you think they
should. That's why I suggested to use a https-secured link, because at
least the server gets identified through the certificates.

Regards, Adrian.