arno/privatebin
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

adjust signing intro

rugk 2017-06-21 15:57:36 +02:00
parent e79b586ea7
commit 29060d0220
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
FAQ.md

@ -106,7 +106,8 @@ You could, however, imitate this encryption process in your own tool/application
### How can I securely clone/download your project?
As of the PrivateBin 1.0 release we [cryptographically sign](https://git-scm.com/book/uz/v2/Git-Tools-Signing-Your-Work) our git commits and tags, so that you can verify we actually developed the software. Should the signature ever change, please look for a signed message of the current developers, which states that there is a new developer with a new signature.
As of the PrivateBin 1.0 release we [cryptographically sign](https://git-scm.com/book/uz/v2/Git-Tools-Signing-Your-Work) our git commits and tags, so that you can verify we actually developed the software. Later, we also [started signing the release archives on GitHub](https://github.com/PrivateBin/PrivateBin/issues/219).
Should the signature ever change, please look for a signed message of the current developers, which states that there is a new developer with a new signature or another valid reason, why the keys change.
Here is the workflow you should use for verifying commits or tags:
1. Download our public keys [from PrivateBin.info](https://privatebin.info/credits.html).