WKD proper behavior on fetch error

Juergen Bruckner juergen at bruckner.email
Sun Jan 17 21:39:48 CET 2021

I can only agree with Andre's words.

And as far as Sequoia is concerned, Stefen's explanations only confirmed 
that this is software that I definitely don't want to use.
Software that accepts an invalid digital certificate as correct, has no 
place in an environment where security and confidentiality are concerned.
This is an  a b s o l u t e  NO-GO.

GnuPG doesn't have to change anything here.
The change MUST be made at Sequoia, preferably yesterday!


Am 17.01.21 um 21:17 schrieb André Colomb:
> Hi Stefan,
> On 17/01/2021 19.41, Stefan Claas via Gnupg-users wrote:
>> Please try to accept that GitHub (and maybe in the future others as well)
>> has *no* bad certificate! The only thing which could be considered "bad"
>> or at least sub-optimal for a global ML, like this one, Is the support in
>> form of the GnuPGP ecosystem devs.
> GitHub's web server, *in your specific use case* is sending a
> certificate proving it is an apple when you're asking for it under the
> name "orange".  That makes the certificate *invalid* for that connection
> request as it could not be distinguished from a man in the middle attack
> asking your browser to "Please try to accept that this apple is an orange".
> Don't you find it strange that you are the only one still insisting that
> it's valid when several very knowledgeable people have explained to you
> in many different ways why it's simply not true?
> And please tone down on the GnuPG criticism.  It's your right to dislike
> the software or even Werner Koch personally.  But this is not the right
> place for anti-publicity or constant personal stabs against people who
> have patiently spent a lot of time to help and educate you.  Please try
> to keep the discussion productive.
> Kind regards
> André
> _______________________________________________
> Gnupg-users mailing list
> Gnupg-users at gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gnupg-users

/¯\   No  |
\ /  HTML |    Juergen Bruckner
  X    in  |    juergen at bruckner.email
/ \  Mail |

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3894 bytes
Desc: S/MIME Cryptographic Signature
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20210117/0c65408a/attachment-0001.bin>

More information about the Gnupg-users mailing list