[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-dev] File verification GUI tool



Matt Pagan:
> If you go the browser extension route, there is a now defunct
> Firefox add-on called FireGPG that implemented GnuPG in the web
> browser. This add-on was discontinued in 2010 and it's primary focus
> was encrypting and decrypting gmail messages. [â]

I'd like to remember everyone that it was probably discontinued because
in the end it turned to be a terrible idea. Tails wrote a statement
about it: <https://tails.boum.org/doc/encryption_and_privacy/FireGPG_susceptible_to_devastating_attacks/>

Although an extension whose sole purpose would be to verify GnuPG
signatures would not have the problem and seems like a good idea.
At least, shipping it through addons.mozilla.org give the user some
basic trust path.

-- 
Lunar                                             <lunar@xxxxxxxxxxxxxx>

Attachment: signature.asc
Description: Digital signature

_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev