SSL on gnupg.org
peter at digitalbrains.com
Mon Sep 9 12:54:49 CEST 2013
On 09/09/13 04:06, Jose Luis Rivas wrote:
> I have seen some worrisome about downloading stuff from a site without a
> proper SSL certificate, specially nowadays with the NSA issues which
> include them in the middle of the internet pipes.
SSL is precisely /not/ the technology to use to escape the NSA (more
specifically, the Certificate Authority structure of the validation, I'm not
talking about the SSL session itself).
If there is /an/ organization that can spoof the authenticity of an SSL
website, it'll be the NSA. I will eat my hat if they don't have access to a
few certificate authorities.
If you want to verify authenticity of a downloaded GnuPG, verify it with
GnuPG. Yes, I know, there's a problem there :).
 Luckily, the washing label says "AZO free". I have no idea what that is,
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at <http://digitalbrains.com/2012/openpgp-key-peter>
More information about the Gnupg-users