Hi! https://tails.boum.org/doc/get/trusting_tails_signing_key/index.en.html#index1h1
As far I understand, this chapter assumes an adversary in a position to break SSL or strip SSL (and the user not noticing). With that assumption in mind, look at the graphic below. user <-> user ISP <-> internet <-> boum.org ISP <-> boum.org server MITM less likely for this route | no help for this route This suggestion does not help against an adversary able to tamper with traffic going through the boum.org ISP. No matter from which place the user visits boum.org, an adversary in that position can always tamper with the traffic. This is still a useful suggestion for many people. For example for people in censored countries, which get the key several times through different Tor nodes and trust that more than their own network. I think these limitations should be noted nonetheless. Cheers, adrelanos _______________________________________________ tails-dev mailing list [email protected] https://mailman.boum.org/listinfo/tails-dev
