Feb. 11, 2024
1:34 a.m.
On 2024-02-10 16:22, brian.inglis--- via tz wrote:
all we can do for now with the current distribution: using https:// as you suggested, sha1 check, and eyeball diff (-b) in case of site hacks.
I guess I'm not following your point because that's clearly not all a user can do. A user can also check the signatures, which are made via a public key certificate. I know a few users do that, because I got email a while back when my public key expired and was renewed.