Join GitHub today
GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.Sign up
The GPG key is missing from common keyservers #143
I checked with gnupg-users:
LATER NOTE: To clarify what I mean by
It may even be possible (I don' know if it is) to get your public PGP key from github, but I think it is wrong to rely on Github only for all the cryptro verifications. And the community keyservers should be the first option available to Github, as any other, users.
LATER NOTE END.
Many thanks for sharing your concerns! I have since submitted the key. Please try to fetch the key from
To anyone interested in this verification method, use this command to mark the key as trustworthy:
I finally managed to fetch your key from the keyservers. I'll ask about the issues I had on the GnuPG mailing list in the thread linked above.
The issue of inability to successfully just plain "gpg --recv-key CECC45E1E979013C" is for GnuPG because your key (and another one) wouldn't download with plain standard (non-obfuscated) HKP, but only via port 9050 (the Tor port)...
Great to see people understanding how important verification is!
Sure, it should work for everybody, now...
It really is better to use: