Y
Hacker News
new
|
ask
|
show
|
jobs
by
throwaway7767
4402 days ago
That would be prudent regardless. If you trust HTTPS, why verify the PGP signatures? And if you don't, verifying the PGP signatures does not get you anything if you have no reason to trust the key.