WKD proper behavior on fetch error
andre at colomb.de
Sun Jan 17 21:17:53 CET 2021
On 17/01/2021 19.41, Stefan Claas via Gnupg-users wrote:
> Please try to accept that GitHub (and maybe in the future others as well)
> has *no* bad certificate! The only thing which could be considered "bad"
> or at least sub-optimal for a global ML, like this one, Is the support in
> form of the GnuPGP ecosystem devs.
GitHub's web server, *in your specific use case* is sending a
certificate proving it is an apple when you're asking for it under the
name "orange". That makes the certificate *invalid* for that connection
request as it could not be distinguished from a man in the middle attack
asking your browser to "Please try to accept that this apple is an orange".
Don't you find it strange that you are the only one still insisting that
it's valid when several very knowledgeable people have explained to you
in many different ways why it's simply not true?
And please tone down on the GnuPG criticism. It's your right to dislike
the software or even Werner Koch personally. But this is not the right
place for anti-publicity or constant personal stabs against people who
have patiently spent a lot of time to help and educate you. Please try
to keep the discussion productive.
From: André Colomb <andre at colomb.de>
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 488 bytes
Desc: OpenPGP digital signature
More information about the Gnupg-users