[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #5463 [BridgeDB]: BridgeDB must GPG-sign outgoing mails



#5463: BridgeDB must GPG-sign outgoing mails
-----------------------------+----------------------------
     Reporter:  rransom      |      Owner:  isis
         Type:  enhancement  |     Status:  needs_review
     Priority:  normal       |  Milestone:
    Component:  BridgeDB     |    Version:
   Resolution:               |   Keywords:  bridgegb-email
Actual Points:               |  Parent ID:
       Points:               |
-----------------------------+----------------------------

Comment (by cypherpunks):

 Replying to [ticket:5463 rransom]:
 > BridgeDB must also include the address to which it sent a message in the
 GPG-signed text, and warn users that they should verify that BridgeDB
 messages are GPG-signed and that the e-mail address in the signed message
 matches the e-mail address which the user requested bridges with.

 After re-reading the ticket's description I realized that, in addition to
 my last comment, I'm not sure we sufficiently warn users about the
 unfortunate side effects of not verifying the signature. As far as I see,
 bridgedb.asc is the only place we mention verifying the sig, and a user
 only sees this if they explicitly request the key. We should try to find a
 place to mention this in the other templates. I think we should be
 realistic and take into account the fact that only a small fraction of
 end-users will check the sig, regardless of what the email says, and if we
 add too much information then most users won't read any of it. This may be
 a small challenge.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/5463#comment:23>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs