https://bugzilla.redhat.com/show_bug.cgi?id=1834731



--- Comment #23 from marco <mai...@live.de> ---
If you fetch the key from the same website the binaries are taken from, there
is no security. Anyone replacing the binaries can trivially replace the key.

Also, bitcoincore.org is the official download site (bitcoin.org is a mirror
site unrelated to the Bitcoin Core project). So I recommend to use the steps to
verify from their download page: https://bitcoincore.org/en/download/

The instructions recommend to fetch the key based on its fingerprint
(01EA5486DE18A882D4C2684590C8019E36C2E964).


-- 
You are receiving this mail because:
You are on the CC list for the bug.
You are always notified about changes to this product and component
_______________________________________________
package-review mailing list -- package-review@lists.fedoraproject.org
To unsubscribe send an email to package-review-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/package-review@lists.fedoraproject.org

Reply via email to