Y
Hacker News
new
|
ask
|
show
|
jobs
by
TheLoneWolfling
4386 days ago
Not necessarily. It could do key pinning for example, which at least protects already-established users.
1 comments
mitchty
4383 days ago
Additionally, if you use gpg to build your ssh keys and have a trust/sign chain you could then pull this stuff with impunity as long as you keep the trust chain issues sorted.
link