Updated OpenPGP Security (markdown)
parent
be7ab089f5
commit
492e266450
|
@ -3,7 +3,7 @@
|
||||||
* The default keyserver is hkps://hkps.pool.sks-keyservers.net using a pinned certificate (can be found in assets)
|
* The default keyserver is hkps://hkps.pool.sks-keyservers.net using a pinned certificate (can be found in assets)
|
||||||
* When updating a key from a keyserver, the fingerprint of the downloaded key is checked to match the fingerprint of the existing key
|
* When updating a key from a keyserver, the fingerprint of the downloaded key is checked to match the fingerprint of the existing key
|
||||||
|
|
||||||
## Current OpenPGP security choices in OpenKeychain
|
## OpenPGP Security Choices
|
||||||
* We never generate v3 signatures, always v4
|
* We never generate v3 signatures, always v4
|
||||||
* We do not import v3 keys (https://github.com/coruus/cooperpair/tree/master/keysteak)
|
* We do not import v3 keys (https://github.com/coruus/cooperpair/tree/master/keysteak)
|
||||||
* If a v4 key is imported with a long key id that already exists in the database, the import is canceled. (see https://github.com/coruus/cooperpair/tree/master/pgpv4 for test keys)
|
* If a v4 key is imported with a long key id that already exists in the database, the import is canceled. (see https://github.com/coruus/cooperpair/tree/master/pgpv4 for test keys)
|
||||||
|
|
Loading…
Reference in New Issue