[tor-bugs] #10495 [Website]: Better way - Leftover tor gpg signing key in the local user's gpg keychain in the documentation

Tor Bug Tracker & Wiki blackhole at torproject.org
Sun Oct 19 20:57:45 UTC 2014


#10495: Better way - Leftover tor gpg signing key in the local user's gpg keychain
in the documentation
-----------------------------+--------------------
     Reporter:  daffyduck    |      Owner:
         Type:  enhancement  |     Status:  closed
     Priority:  normal       |  Milestone:
    Component:  Website      |    Version:
   Resolution:  wontfix      |   Keywords:
Actual Points:               |  Parent ID:
       Points:               |
-----------------------------+--------------------
Changes (by Sebastian):

 * status:  new => closed
 * resolution:   => wontfix


Comment:

 All the solutions that never put the key into the user's keychain are
 insecure, because gpg never checks that it actually got the right key
 reliably. Having one more key in the keyring isn't an issue as far as I'm
 concerned. Please reopen if I'm overlooking a problem

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/10495#comment:1>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tor-bugs mailing list