Am 04.02.2017 um 23:27 schrieb Daniel Kahn Gillmor:
> On Sat 2017-02-04 15:14:50 -0500, sivmu wrote:
>> I suppose this config did not change after upgrading from 2.1.17.
>> Just tested it on 2.1.18 using arch and it still uses http on my setup.
>
> it's not a config change -- it's a defaults
On Sat 2017-02-04 15:14:50 -0500, sivmu wrote:
> I suppose this config did not change after upgrading from 2.1.17.
> Just tested it on 2.1.18 using arch and it still uses http on my setup.
it's not a config change -- it's a defaults change.
in the old arrangement, if you didn't specify a
Am 04.02.2017 um 08:18 schrieb Daniel Kahn Gillmor:
> On Sat 2017-02-04 01:33:56 -0500, sivmu wrote:
>> When using --revc-key or the gpa frontend, I noticed that the
>> target public keys are still downloded using unencrypted http. While the
>> trnasmitted information is generally public, it
On Sat 2017-02-04 01:33:56 -0500, sivmu wrote:
> When using --revc-key or the gpa frontend, I noticed that the
> target public keys are still downloded using unencrypted http. While the
> trnasmitted information is generally public, it doesmake things pretty
> easy for an adversary to collect
When using --revc-key or the gpa frontend, I noticed that the
target public keys are still downloded using unencrypted http. While the
trnasmitted information is generally public, it doesmake things pretty
easy for an adversary to collect metadata such as your contacts.
This is expecially