Follow

Does someone know why, of all apt repository keys, the one used to sign Tor packages is not available on GPG keyservers (anymore)? Feels sketchy af.

@raucao The keyservers are broken by design. And this was demonstrated in practice by recent attaks.

The Tor project key was one of the ones that got flooded.

Some context: https://lwn.net/Articles/792366/
Sign in to participate in the conversation
kosmos.social

The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!