Hacker News
by onlydnaq 4243 days ago
I don't believe that this is a critical issue. The PGP-trust model doesn't need you to trust either the keyserver or the connection to the keyserver. You are supposed to look at the actual key, and the actual signatures of the key to decide if you trust it.

Anyone can usually upload any key to the keyserver, so even if you use TLS that wouldn't make a difference from a security perspective.
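
An added example illustrating the comment above (not the commenter's code and not taken from any PGP implementation): the v4 fingerprint is computed locally from the key bytes as RFC 4880 section 12.2 defines it and compared with a fingerprint obtained out of band, so a key substituted by the keyserver or on the wire fails the check whether or not TLS was used. The helper names and the two toy key packets are assumptions constructed for the illustration.

```python
import hashlib
import hmac
import struct

def mpi(x: int) -> bytes:
    """Encode an integer as an OpenPGP multiprecision integer."""
    return struct.pack(">H", x.bit_length()) + x.to_bytes((x.bit_length() + 7) // 8, "big")

def make_key_packet(n: int, e: int, created: int) -> bytes:
    """Build a v4 RSA public-key packet (tag 6) with an old-format header."""
    body = bytes([4]) + struct.pack(">I", created) + bytes([1]) + mpi(n) + mpi(e)
    return b"\x99" + struct.pack(">H", len(body)) + body

def key_body(packet: bytes) -> bytes:
    """Strip the packet header and return the public-key packet body."""
    hdr = packet[0]
    if not hdr & 0x80:
        raise ValueError("not an OpenPGP packet")
    if hdr & 0x40:                                  # new-format header
        tag, first = hdr & 0x3F, packet[1]
        if first < 192:
            length, off = first, 2
        elif first < 224:
            length, off = ((first - 192) << 8) + packet[2] + 192, 3
        else:
            raise ValueError("unsupported length encoding")
    else:                                           # old-format header
        tag, ltype = (hdr >> 2) & 0x0F, hdr & 0x03
        if ltype == 3:
            raise ValueError("indeterminate length")
        size = 1 << ltype
        length, off = int.from_bytes(packet[1:1 + size], "big"), 1 + size
    body = packet[off:off + length]
    if tag != 6 or len(body) != length or body[:1] != b"\x04":
        raise ValueError("expected a complete v4 public-key packet")
    return body

def v4_fingerprint(packet: bytes) -> str:
    """SHA-1 over 0x99, two-octet body length, body (RFC 4880, section 12.2)."""
    body = key_body(packet)
    return hashlib.sha1(b"\x99" + struct.pack(">H", len(body)) + body).hexdigest().upper()

def matches_pinned(packet: bytes, pinned: str) -> bool:
    """Compare the locally computed fingerprint with one obtained out of band."""
    return hmac.compare_digest(v4_fingerprint(packet), pinned.replace(" ", "").upper())

# Constructed toy values, not real keys: same creation time, different modulus.
GENUINE = make_key_packet(0xC0FFEE1234567891, 65537, 1400000000)
SUBSTITUTED = make_key_packet(0xBADC0DE987654323, 65537, 1400000000)
PINNED = v4_fingerprint(GENUINE)   # stands in for a fingerprint received in person
```

`matches_pinned(GENUINE, PINNED)` is true and `matches_pinned(SUBSTITUTED, PINNED)` is false, and the result is the same whether the packet arrived with an old-format or a new-format header.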