Commit Graph

13 Commits

Author SHA1 Message Date
cd52c926f0
software: add weechat-deb.asc
Resolves: #4
2020-02-10 20:57:37 +02:00
bab6d8ae1d
software: add ring.asc
Resolves: #5
2020-02-10 20:56:15 +02:00
772f4bb029
software: add gitea.asc
Resolves: #1

> Verified 5 signatures in the past 2 months.

and https://github.com/go-gitea/gitea/issues/4374
2020-02-10 20:44:28 +02:00
7d0b920df4
software: add insync-repo.asc
I hope I can trust SKS keyservers and web.archive.org and Mullvad and
the connection between Mullvad and SKS, because the only information
given to me was ACCAF35C and that is trivial to collide and SKS only
gave me one key matching it.
2020-02-01 13:33:12 +02:00
66084c069b
software: add fdroid-bin.asc
verified from:

* https://f-droid.org/en/docs/Release_Channels_and_Signing_Keys/
* https://web.archive.org/web/20171220230937/https://f-droid.org/en/docs/Release_Channels_and_Signing_Keys/
* + checked both links with Tor Browser

I wish I had TOFU statistics for it as I have been installing the binary
with adb, but that must have been before I started using trust-model
gpg+tofu
2020-01-30 15:37:31 +02:00
2e5c496dc9
software: add mozilla-releases
signatures of which were hidden into their release server and the key
itself and it's fingerprints were a pain to find from their security
blog. Interestingly a lot of people had took web.arhive.org snapshots of
it or it was crawled a lot.
2020-01-29 22:03:36 +02:00
cbba4171bb
software: add veracrypt 2020-01-29 19:24:24 +02:00
c988654378
software: add keybase.asc 2020-01-28 23:18:20 +02:00
ef5bce0721
software: add network-obs-suse 2020-01-28 22:54:11 +02:00
61f0d017ee
software: add deb.torproject.org.asc 2020-01-28 22:23:12 +02:00
318677589f
software: add syncthing.asc 2020-01-28 21:29:28 +02:00
ce02abaa8e
software: add matterbridge & onionshare 2020-01-26 21:56:42 +02:00
6a231201c6
Initial commit 2020-01-24 22:27:05 +02:00