WKD proper behavior on fetch error
juergen at bruckner.email
Sun Jan 17 21:39:48 CET 2021
I can only agree with Andre's words.
And as far as Sequoia is concerned, Stefen's explanations only confirmed
that this is software that I definitely don't want to use.
Software that accepts an invalid digital certificate as correct, has no
place in an environment where security and confidentiality are concerned.
This is an a b s o l u t e NO-GO.
GnuPG doesn't have to change anything here.
The change MUST be made at Sequoia, preferably yesterday!
Am 17.01.21 um 21:17 schrieb André Colomb:
> Hi Stefan,
> On 17/01/2021 19.41, Stefan Claas via Gnupg-users wrote:
>> Please try to accept that GitHub (and maybe in the future others as well)
>> has *no* bad certificate! The only thing which could be considered "bad"
>> or at least sub-optimal for a global ML, like this one, Is the support in
>> form of the GnuPGP ecosystem devs.
> GitHub's web server, *in your specific use case* is sending a
> certificate proving it is an apple when you're asking for it under the
> name "orange". That makes the certificate *invalid* for that connection
> request as it could not be distinguished from a man in the middle attack
> asking your browser to "Please try to accept that this apple is an orange".
> Don't you find it strange that you are the only one still insisting that
> it's valid when several very knowledgeable people have explained to you
> in many different ways why it's simply not true?
> And please tone down on the GnuPG criticism. It's your right to dislike
> the software or even Werner Koch personally. But this is not the right
> place for anti-publicity or constant personal stabs against people who
> have patiently spent a lot of time to help and educate you. Please try
> to keep the discussion productive.
> Kind regards
> Gnupg-users mailing list
> Gnupg-users at gnupg.org
/¯\ No |
\ / HTML | Juergen Bruckner
X in | juergen at bruckner.email
/ \ Mail |
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 3894 bytes
Desc: S/MIME Cryptographic Signature
More information about the Gnupg-users