[Privoxy-devel] GPG signatures
Fabian Keil
fk at fabiankeil.de
Tue Jun 23 09:03:25 CEST 2026
"Ian Silvester" <iansilvester at fastmail.fm> wrote on 2026-06-22 at 10:48:02:
> On Sun, 21 Jun 2026, at 03:42, Fabian Keil via Privoxy-devel wrote:
> > "Ian Silvester" <iansilvester at fastmail.fm> wrote on 2026-06-20 at 15:27:19:
> >
> >> On Thu, 18 Jun 2026, at 03:11, Fabian Keil via Privoxy-devel wrote:
> >
> >> > While I suspect that most users don't check the OpenPGP signatures
> >> > at all I agree that documenting the keys somewhere on privoxy.org
> >> > would be an improvement.
> >>
> >> Another option that strikes me is to update PACKAGERS to be current,
> >> and include the public keys in there?
> >
> > I think putting the information into the FAQ or the user manual
> > would make it more visible.
>
> Yes, fair enough - an FAQ question "How do I verify the authenticity of
> Privoxy installation packages?" would be a good solution in my view.
Sounds good to me.
It's a bit more ambitious than just publishing the OpenPGP fingerprints,
though.
Do you intend to work on this?
Fabian
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <https://lists.privoxy.org/pipermail/privoxy-devel/attachments/20260623/08dbe380/attachment.bin>
More information about the Privoxy-devel
mailing list