Commit Graph

21 Commits

Author SHA1 Message Date
Aminda Suomalainen ⚧ cc05be564b
software: update deb.torproject.org.asc 2020-11-24 08:43:37 +02:00
Aminda Suomalainen ⚧ eef93aa680
software: add brave-stable.asc
already in system
2020-10-28 19:00:28 +02:00
Aminda Suomalainen ⚧ 99585a9335
add software/develkubic-obs-suse.asc
This key recently expired in production and as I was able to find update
for it, I am going with TOFU of that production.
2020-10-21 11:52:37 +03:00
Aminda Suomalainen ⚧ 79f4378678
software: update insync-repo.asc 2020-09-12 09:51:02 +03:00
Aminda Suomalainen ⚧ 536d54af09
software: sign docker.asc
Resolves: #8
2020-05-26 10:58:07 +03:00
Aminda Suomalainen ⚧ 60bb295f04
software: add docker.asc 2020-05-26 10:42:14 +03:00
Aminda Suomalainen ⚧ 4cddca7da3
software: update network-obs-suse.asc
expired key + expired signature
2020-03-30 18:08:51 +03:00
Aminda Suomalainen ⚧ 520922ae6e
software: add github-web-flow.asc 2020-03-21 22:46:37 +02:00
Aminda Suomalainen ⚧ cd52c926f0
software: add weechat-deb.asc
Resolves: #4
2020-02-10 20:57:37 +02:00
Aminda Suomalainen ⚧ bab6d8ae1d
software: add ring.asc
Resolves: #5
2020-02-10 20:56:15 +02:00
Aminda Suomalainen ⚧ 772f4bb029
software: add gitea.asc
Resolves: #1

> Verified 5 signatures in the past 2 months.

and https://github.com/go-gitea/gitea/issues/4374
2020-02-10 20:44:28 +02:00
Aminda Suomalainen ⚧ 7d0b920df4
software: add insync-repo.asc
I hope I can trust SKS keyservers and web.archive.org and Mullvad and
the connection between Mullvad and SKS, because the only information
given to me was ACCAF35C and that is trivial to collide and SKS only
gave me one key matching it.
2020-02-01 13:33:12 +02:00
Aminda Suomalainen ⚧ 66084c069b
software: add fdroid-bin.asc
verified from:

* https://f-droid.org/en/docs/Release_Channels_and_Signing_Keys/
* https://web.archive.org/web/20171220230937/https://f-droid.org/en/docs/Release_Channels_and_Signing_Keys/
* + checked both links with Tor Browser

I wish I had TOFU statistics for it as I have been installing the binary
with adb, but that must have been before I started using trust-model
gpg+tofu
2020-01-30 15:37:31 +02:00
Aminda Suomalainen ⚧ 2e5c496dc9
software: add mozilla-releases
signatures of which were hidden into their release server and the key
itself and it's fingerprints were a pain to find from their security
blog. Interestingly a lot of people had took web.arhive.org snapshots of
it or it was crawled a lot.
2020-01-29 22:03:36 +02:00
Aminda Suomalainen ⚧ cbba4171bb
software: add veracrypt 2020-01-29 19:24:24 +02:00
Aminda Suomalainen ⚧ c988654378
software: add keybase.asc 2020-01-28 23:18:20 +02:00
Aminda Suomalainen ⚧ ef5bce0721
software: add network-obs-suse 2020-01-28 22:54:11 +02:00
Aminda Suomalainen ⚧ 61f0d017ee
software: add deb.torproject.org.asc 2020-01-28 22:23:12 +02:00
Aminda Suomalainen ⚧ 318677589f
software: add syncthing.asc 2020-01-28 21:29:28 +02:00
Aminda Suomalainen ⚧ ce02abaa8e
software: add matterbridge & onionshare 2020-01-26 21:56:42 +02:00
Aminda Suomalainen ⚧ 6a231201c6
Initial commit 2020-01-24 22:27:05 +02:00