pull down to refresh
0 sats \ 4 replies \ @Natalia 25 Feb \ parent \ on: The Curious Case of Digital Signatures crypto
agree, and some of them are quite hard to search, e.g. Mullvad VPN, I couldn't find it in other places besides their site, madness.
updated
github ☑️ https://github.com/mullvad/mullvadvpn-app/releases/tag/2023.6
updated github ☑️ https://github.com/mullvad/mullvadvpn-app/releases/tag/2023.6
I don't see a key fingerprint there 👀
reply
MullvadVPN-2023.6.pkg.asc
👀
why the devs are making things to tricky, is it really meant for people to verify! or just trust.
I have to do that myself, still figuring things out around PGP keys
same, I'm verifying all the software that I use, good things is I don't use many.
reply
That's a signature, not a key fingerprint 👀
do I have to revoke this message using a new signed message 👀👀👀
reply
then I couldn't find it other than their site - how is that possible, given how many people are using their tools. 😂
Once you’ve observed enough matching fingerprints from enough independent sources in enough different ways that you feel confident that you have the genuine fingerprint, keep it in a safe place.
reply