Commit Graph

28 Commits

Author SHA1 Message Date
a59e4eaa2e
software/deb.torproject.org.asc: refresh 2023-01-23 08:24:03 +02:00
a152f5e534
software: add forgejo.asc 2023-01-01 11:25:55 +02:00
35468569aa
gnupg: add {andre,niibe,werner}.asc
Also symlink software/gnupg

Resolves: #7
2021-09-15 19:03:36 +03:00
f18c3aa305
software: add notepad++.asc
Resolves: #7
2021-09-15 18:49:00 +03:00
cdd74934f5
software: update onionshare.asc
Resolves: #10
2021-01-08 14:08:50 +02:00
14d26ebd9d
software: update gitea.asc & sign it again
Resolves: #9
2021-01-08 14:05:37 +02:00
f5cbdb8d38
software: add electrum-thomasv.asc 2021-01-08 13:32:28 +02:00
cc05be564b
software: update deb.torproject.org.asc 2020-11-24 08:43:37 +02:00
eef93aa680
software: add brave-stable.asc
already in system
2020-10-28 19:00:28 +02:00
99585a9335
add software/develkubic-obs-suse.asc
This key recently expired in production and as I was able to find update
for it, I am going with TOFU of that production.
2020-10-21 11:52:37 +03:00
79f4378678
software: update insync-repo.asc 2020-09-12 09:51:02 +03:00
536d54af09
software: sign docker.asc
Resolves: #8
2020-05-26 10:58:07 +03:00
Mikaela Suomalainen
60bb295f04
software: add docker.asc 2020-05-26 10:42:14 +03:00
4cddca7da3
software: update network-obs-suse.asc
expired key + expired signature
2020-03-30 18:08:51 +03:00
520922ae6e
software: add github-web-flow.asc 2020-03-21 22:46:37 +02:00
cd52c926f0
software: add weechat-deb.asc
Resolves: #4
2020-02-10 20:57:37 +02:00
bab6d8ae1d
software: add ring.asc
Resolves: #5
2020-02-10 20:56:15 +02:00
772f4bb029
software: add gitea.asc
Resolves: #1

> Verified 5 signatures in the past 2 months.

and https://github.com/go-gitea/gitea/issues/4374
2020-02-10 20:44:28 +02:00
7d0b920df4
software: add insync-repo.asc
I hope I can trust SKS keyservers and web.archive.org and Mullvad and
the connection between Mullvad and SKS, because the only information
given to me was ACCAF35C and that is trivial to collide and SKS only
gave me one key matching it.
2020-02-01 13:33:12 +02:00
66084c069b
software: add fdroid-bin.asc
verified from:

* https://f-droid.org/en/docs/Release_Channels_and_Signing_Keys/
* https://web.archive.org/web/20171220230937/https://f-droid.org/en/docs/Release_Channels_and_Signing_Keys/
* + checked both links with Tor Browser

I wish I had TOFU statistics for it as I have been installing the binary
with adb, but that must have been before I started using trust-model
gpg+tofu
2020-01-30 15:37:31 +02:00
2e5c496dc9
software: add mozilla-releases
signatures of which were hidden into their release server and the key
itself and it's fingerprints were a pain to find from their security
blog. Interestingly a lot of people had took web.arhive.org snapshots of
it or it was crawled a lot.
2020-01-29 22:03:36 +02:00
cbba4171bb
software: add veracrypt 2020-01-29 19:24:24 +02:00
c988654378
software: add keybase.asc 2020-01-28 23:18:20 +02:00
ef5bce0721
software: add network-obs-suse 2020-01-28 22:54:11 +02:00
61f0d017ee
software: add deb.torproject.org.asc 2020-01-28 22:23:12 +02:00
318677589f
software: add syncthing.asc 2020-01-28 21:29:28 +02:00
ce02abaa8e
software: add matterbridge & onionshare 2020-01-26 21:56:42 +02:00
6a231201c6
Initial commit 2020-01-24 22:27:05 +02:00