Conversation:

Notices

1. rien (rien)'s status on Saturday, 04-Apr-2015 14:46:51 EDT rien

   Remote profile options...
   How to make sure the #Enigmail file you downloaded is the real deal: 1) Download the file and its ‘Open PGP’ signature: http://status.hackerposse.com/url/7025 2) Learn that you must download the key the packages have been signed with: http://status.hackerposse.com/url/7026 3a) Download gpg-curl and configure gpg to download keys securely, as described in http://status.hackerposse…
   • Joshua Judson Rosen likes this.
   • MMN-o ✅⃠ (mmn)'s status on Saturday, 04-Apr-2015 15:12:13 EDT MMN-o ✅⃠

     Remote profile options...

     • rien
     @rien You could post the OpenPGP fingerprint of the key which should sign the packages here as a third party reference ;)
   • Former Bob Jonkman -- Please use the new server at https://gs.jonkman.ca (bobjonkmanformer)'s status on Saturday, 04-Apr-2015 15:21:18 EDT Former Bob Jonkman -- Please use the new server at https://gs.jonkman.ca

     Remote profile options...

     • rien
     For 3b) you're relying on the broken Certificate Authority system of PKI; you're "trusting" that your browser or OS is using only authentic certificates from Certificate Authorities that haven't abused the system to issue false certificates. Fortunately, once you've downloaded the !GnuPG key for Enigmail you can see whether it is trusted by following the Web of Trust. If you've sig…
   • Former Bob Jonkman -- Please use the new server at https://gs.jonkman.ca (bobjonkmanformer)'s status on Saturday, 04-Apr-2015 16:16:17 EDT Former Bob Jonkman -- Please use the new server at https://gs.jonkman.ca

     Remote profile options...
     Ack. s/who's/whose/ — I hate that particular #grammo (cf. !ytpo)