[tor-bugs] #5463 [BridgeDB]: BridgeDB must GPG-sign outgoing mails
Tor Bug Tracker & Wiki
torproject-admin at torproject.org
Fri May 4 22:55:23 UTC 2012
#5463: BridgeDB must GPG-sign outgoing mails
----------------------+-----------------------------------------------------
Reporter: rransom | Owner:
Type: defect | Status: needs_information
Priority: critical | Milestone:
Component: BridgeDB | Version:
Keywords: | Parent:
Points: | Actualpoints:
----------------------+-----------------------------------------------------
Changes (by aagbsn):
* status: new => needs_information
Comment:
I wrote some (untested) code as starting point, using gpgpme (python-
gpgme)
https://gitweb.torproject.org/user/aagbsn/bridgedb.git/commit/c166119dec14584ad14dcf50b2a98ff9f719892a
Now for some questions:
Is it OK to use unprotected protected keyfile?
Is gpg clearsign fine here?
What sort of friendly and encouraging text do we want to include to
inspire users to actually verify messages? And, if the instructions we
link to are on www.tpo, and *.tpo is blocked, what now?
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/5463#comment:3>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list