> On 3/14/14 5:09 AM, Jean-Philippe Ouellet wrote:> Hello, >> ... >> Anyway... we have signfiy now and the FAQ still says otherwise. > > Oh, I forgot these: > > tedu's backport > http://www.tedunangst.com/flak/post/signify-backport > > my osx "port" > https://github.com/jpouellet/signify-osx
I'm not sure what value this adds. Downloading pubkeys from some (semi-)random location does not really give additional security. Sure, maybe no less either, and making attacks slightly more complicated, but still. /Alexander